> Here's the problem... if I trust a B2BUA, it doesn't necessarily mean > that I'll trust everything it trusts. If Bob's UA is going to make an > informed choice, we need it to be able to examine a chain of > custody for the identity, at the very least.
The chain would be good, but I would be happy with the first link: who (claims to have) injected the message into the SIP network. Even if the message transited over some itty-bitty ITSP in a country I had never heard of, it wouldn't matter if I could verify the identity of who injected the message into the SIP 'cloud'. -d _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
