> You wrote: > > > Put in the contrapositive, if a change is not noticeably by > > the end users because they get exactly what they expected, > > then its not an attack. Nothing bad happened, so why would it > > be an attack? > > > > Part of the problem here is that the end user expectations > have not been > rigorously defined for RFC 4474. Parts of RFC 4474 allow > things that the > end user might not have expected, and so on. > > Part of what was on the slides on Tuesday was to create some sort of > informational / BCP that does set out to detail what RFC 4474 > and other > identity drafts provide, i.e. when an identity is delivered, > this is the > security that is / is not associated with it.
So: to create a requirements document? -d _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
