> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric > Rescorla > > Rather, I'm saying that Identity is not only to allow DTLS-SRTP, but > also to protect other usages, so if your proposal involves changing > fields which would render those other usages insecure, we have a > potential problem. For instance, as I understood Hadriel's comments at > the mike, he thinks he should be able change Call-Id in > non-offer/answer cases.
Yup. In particular, I'm claiming that we should sign something else to provide cut/paste protection rather than the call-id and cseq header fields. I say that because I believe 4474 is signing them for the purpose of cut/paste type protection, not because we actually care whether the call-id/cseq values are changed by a MitM. > Before we consider that, we would need a > security analysis of the impact of changing Call-iD. Yup, and CSeq, and Contact. -hadriel _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
