Dean Willis wrote:
On Oct 28, 2008, at 11:05 PM, Dan Wing wrote:
Would the SBC not have to handle the SUBSCRIBE request locally? After
all, since it is a terminal UA for the call, it also knows
about all the
dialog states. The end-user UA would never even see the SUBSCRIBE.
If that's a problem, just use some different method that goes end to
end. The always-loved INFO comes to mind.
What makes you think that INFO goes end to end? An SBC can absorb it
if it wants to.
And, in any case, you can't send an INFO out of dialog. So you can't
route it to the address in the From -- all you can do is route it back
along the dialog path. And, of course, *that's* going to work. If it's a
legitimate call, you'll reach the legitimate caller, who will confirm
the call is legitimate. If it's a forged call, you'll reach the
attacker, who will confirm the call is legitimate.
/a
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
