At Wed, 06 Aug 2008 22:37:45 -0500, Dean Willis wrote: > > Eric Rescorla wrote: > > At Wed, 06 Aug 2008 11:51:28 -0500, > > Dean Willis wrote: > >> Eric Rescorla wrote: > >> > >>> Unfortunately, this is the same conflation of concerns that has > >>> characterized discussion of these drafts from the beginning. Quoting > >>> my review of -01 from 2007/11: > >>> > >>> This draft seems to do two distinct things: > >>> > >>> - One specify a variant of RFC 4474 which signs a lot fewer headers. > >>> [This should have said less of the message -- EKR] > >>> - Specify a set of mechanisms to cryptographically prove that a given > >>> media > >>> stream corresponds to a given SDP offer/answer. > >>> > >>> These issues are wholly orthogonal and it just confuses the discussion > >>> to try to discuss them together. > >> They may be wholly orthogonal from one point of view, but I don't think > >> they can be deployed independently. You have to have BOTH measures in > >> place to gain the benefit of the proposal. > > > > I don't see how that's the case. Can you explain? > > Signing LESS than what RFC 4474 signs opens up a whole can of worms > UNLESS the media-path key exchange is also used to prove that the > signaling and media correspond.
Hmm... In the absence of media layer encryption, I think it's a mistake to assume that the signalling and media correspond even with 4474. -Ekr _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
