> -----Original Message----- > From: Michael Thomas [mailto:[EMAIL PROTECTED] > > I thought that the beauty of P-A-I was that my telco can happily claim > that > I'm the Queen of the Night without all the bother of checking to see if > I'm a soprano, or can even sing that many notes in a row. So I guess > I don't see what the point is being extra sure that the fiction is a super > reliable fiction.
It identifies who wrote the fiction, and the receiver can decide if they believe the writer (e.g., based on a reputation system); or if it is fiction can know who wrote it and let them know. (most operators don't intend to write fiction :) And I should note 4474 has a similar issue - the signer can change the From to whatever before signing - except at least 4474 constrains the scope of that fictional identity to the signer's domain name in the URI. In theory that makes it pretty good, because the signer can only lie about their own users, but in practice if the URI is treated as an E.164 then the scope isn't constrained. > And since it seems to only be within a given administrative realm, why > isn't TLS or many other possible techniques adequate? It's not within a given administrative domain - it's within a PAI trust-domain, which in practice often contains multiple administrative domains. -hadriel _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
