Dan, Thanks for writing this, which I believe is an important part of the whole SIP Identity discussion going on at present. Even if (as is likely) the IETF does not standardise such a visual indicator, the IETF should still give consideration to what sort of indicators are needed and ensure that its protocols are able to supply sufficient information for a UA to be able to select the appropriate indicator.
The only other comment I have is that I didn't see anything about the impact of PSTN interworking. So there would seem to be at least 3 elements that make up the security status of a call: - the strength of authentication of the peer user or domain; - the strength of encryption; - whether the call is via PSTN. John > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Dan York > Sent: 08 July 2008 00:46 > To: IETF SIP List > Subject: [Sip] On the need for a visual identifier of trusted > identity - Fwd: I-D > Action:draft-york-sip-visual-identifier-trusted-identity-00.txt > > So after writing my response to Paul Kyzivat's response to Cullen, I > thought about it some more and realized that I ought to > collect those > thoughts into an I-D, which I have now submitted. I did so > primarily > because I haven't really seen discussion of the end user's > *experience* of working with "trusted identity" (if I missed such a > discussion, please feel free to point it out to me). To the person > using a SIP phone to call another SIP phone, how do they know that > they can trust the identity of the caller on the other end? If we > solve the various issues we are discussing related to RFC > 4474, P-A-I, > etc., what might the end user experience look like? > > As I note in the draft, it's not entirely clear to me that > the IETF is > the appropriate body to address this question. It's more of a "user > interface" question that is more about how to have users > adopt/accept > a SIP feature and feels to me like it's something more > appropriate for > a more vendor-centric "industry consortium" type of entity. > Something > like the SIP Forum or some other similar entity. I'm certainly open > to comments and feedback along those lines... In the meantime, I > thought I'd at least throw something out there for discussion. > > Thanks, > Dan > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > Title : The Importance of a Visual Identifier > of Trusted > Identity > Author(s) : D. York > Filename : draft-york-sip-visual-identifier-trusted- > identity-00.txt > Pages : 9 > Date : 2008-07-07 > > This document discusses the need for a visual identifier in Session > Initiation Protocol (SIP) endpoints to indicate to the end user that > they are speaking with someone whose identity is trusted. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-york-sip-visual-iden tifier-trusted-identity-00.txt > > -- > Dan York, CISSP, Director of Emerging Communication Technology > Office of the CTO Voxeo Corporation [EMAIL PROTECTED] > Phone: +1-407-455-5859 Skype: danyork http://www.voxeo.com > Blogs: http://blogs.voxeo.com http://www.disruptivetelephony.com > > Build voice applications based on open standards. > Find out how at http://www.voxeo.com/free > > > > > > _______________________________________________ > Sip mailing list https://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use [EMAIL PROTECTED] for questions on current sip > Use [EMAIL PROTECTED] for new developments on the application of sip > _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
