On 7/8/08 3:18 PM, Hadriel Kaplan wrote:
2) 4474 signs things which many real-world cases will break the signature of, and thus has a deployment problem (whether that's fixable, or by design, is another topic of debate). But that's another elephant in the room, or maybe a lion, smaller but hairy.
In theory, you're talking about To, From, Call-ID, CSeq, Date, Contact, and the request body. Proxies aren't allowed to change those (with the exception of To and From, which are done only in the context of 4474 and RFC 4916), and user agents set them before the 4474 signature goes on them.
In practice, the elephant in your elephant (or small hairy predator) is the body. You're talking about SBCs, and the thing that SBCs want to change that breaks RFC 4474 is the body. And that was kind of a necessary hack back before user agents did much in the way of NAT and firewall traversal. But any real, commercial user agent I've played with in the past five years or so has at least rudimentary support in this area, such that body tweaking is mostly unnecessary.
In other words: there's a better solution than body mangling, and it's supported by most modern SIP clients. Let's not gut 4474 to maintain our older, broken network architectures.
/a _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
