B2BUAs, and SBCs, need to provide their features to their customers (service providers), and can *also* provide end-to- end identity. The two requirements are not mutually exclusive, and I don't understand what causes that argument to persist. Please talk to your favorite SBC vendor and ask them.
And when SIP spam becomes a problem (do you doubt it will?) it will be much easier if we have a specification that can solve the problem -- otherwise, vendors will be rushed to create something that may not work as well as an IETF- designed solution. Spam won't wait for the IETF. -d > -----Original Message----- > From: Attila Sipos [mailto:[EMAIL PROTECTED] > Sent: Friday, October 31, 2008 12:34 AM > To: Juha Heinanen; Elwell, John > Cc: [email protected]; Dan Wing > Subject: B2B-UA's provide an unsolveable identity problem > (was RE: [Sip] submission of a new I-D: "Dialog Event > foRIdentityVErification") > > >>i strongly disagree. b2bua is just an ua. if you you > build or deploy > >>such boxes, it is your headache, not sip wg's. > > I agree with Juha here. > > Every attempt at fixing identity problems (and they have been clever > solutions) has been hindered with the "but it won't work with B2BUAs" > argument. > > The problem is not "it won't work with B2BUAs" - the problem is that > B2BUA identity and security problems are unsolveable anyway. A B2BUA > cannot be forced to do anything because even if you said "it must do > this and that", a B2BUA can do what it wants anyway (I'm sure > we've all > seen this). Even if B2BUAs agreed to do certain things, one would > always enf up with something else that gets B2B'ed. > > It is no different to trying to solve the problem of 2 > telephones taped > together. > > You can only trust things up to a certain boundary. And the > boundaries > of SIP are the UAs. The best that SIP can do is to control > what happens > between a UA and another UA (and proxies in between) and that's it. > > Regards, > > Attila > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Juha Heinanen > Sent: 31 October 2008 06:31 > To: Elwell, John > Cc: [email protected]; Dan Wing > Subject: Re: [Sip] submission of a new I-D: "Dialog Event > foRIdentityVErification" > > Elwell, John writes: > > > > I support draft-kuthan-sip-derive-00, and hope the WG > can devote > > > time and energy to improving and standardizing it to work well > > > across a variety of networks. > > [JRE] I agree. This must include networks that contain B2BUAs/SBCs. > > i strongly disagree. b2bua is just an ua. if you you build or deploy > such boxes, it is your headache, not sip wg's. it is enough that this > work is based on rfc3261 components. > > -- juha > > > _______________________________________________ > Sip mailing list https://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol Use > [EMAIL PROTECTED] for questions on current sip Use > [EMAIL PROTECTED] for new developments on the application of sip _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
