Adam Roach wrote:
On 7/8/08 3:18 PM, Hadriel Kaplan wrote:
2) 4474 signs things which many real-world cases will break the
signature of, and thus has a deployment problem (whether that's
fixable, or by design, is another topic of debate). But that's
another elephant in the room, or maybe a lion, smaller but hairy.
In theory, you're talking about To, From, Call-ID, CSeq, Date, Contact,
and the request body. Proxies aren't allowed to change those (with the
exception of To and From, which are done only in the context of 4474 and
RFC 4916), and user agents set them before the 4474 signature goes on them.
In practice, the elephant in your elephant (or small hairy predator) is
the body. You're talking about SBCs, and the thing that SBCs want to
change that breaks RFC 4474 is the body. And that was kind of a
necessary hack back before user agents did much in the way of NAT and
firewall traversal. But any real, commercial user agent I've played with
in the past five years or so has at least rudimentary support in this
area, such that body tweaking is mostly unnecessary.
In other words: there's a better solution than body mangling, and it's
supported by most modern SIP clients. Let's not gut 4474 to maintain our
older, broken network architectures.
Can you send me a link to such a client?
-jiri
/a
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
