> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean > Willis > Sent: Friday, November 21, 2008 10:56 AM > > I crate a CA cert claiming to be for "elwell.org" and use it to sign a > cert for "sip.elwell.org". > I then generate INVITE requests for everybody on the SIP mailing list, > with RFC 4474 Identity headers signed by "sip.elwell.org" and send > them off UDP. Not from a real SIP UP, but from a simple harassment > program. > > How do existing identity mechanisms protect against this?
The answer to that is simple: will you pay for the calls? -hadriel _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
