> -----Original Message----- > From: Michael Thomas [mailto:[EMAIL PROTECTED] > > Indeed, DKIM has the same constraint as well. What I'm not entirely > getting is why 4474 isn't sufficient for the overall goal.
That has been a source of debate for a couple years of mailing list traffic. :) The problems identified so far, I think: 1) Most URI's are actually E.164's, either as Tel's in Sip disguise, or as real Tel's - and 4474 either can't apply to it, or shouldn't, or should - depending on who you ask and in what context. But E.164 is the elephant in the room. 2) 4474 signs things which many real-world cases will break the signature of, and thus has a deployment problem (whether that's fixable, or by design, is another topic of debate). But that's another elephant in the room, or maybe a lion, smaller but hairy. 3) 4474 is susceptible to cut/paste attacks - for example the baiting attack. That one's more like a clown, annoying but probably not deadly. 4) 4474 requires 4916 for called-identity, which some people aren't happy with I think. That one's more like a camel, a hump some people don't like the smell of. At least I think that's the main tent. So basically what we got here is a circus, with some of us trying to tame the animals, while others prefer to sit and enjoy the show. :) -hadriel _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
