Dean Willis wrote:
On Dec 8, 2008, at 1:39 PM, Jiri Kuthan wrote:
Victor Pascual Ávila wrote:
Starting from the very beginning, I'm wondering if folks agree that:
- From URI spoofing is a problem
I would revert this question -- I'm really wondering who on the mailing
list thinks From URI is not a problem and we have good tools to deal with
it. (I also kindly ask those who think so to disclose their SIP address
to me.)
My Linksys ua-du-jour is usually hooked to a black phone with no
caller-ID display. So what do I care about From: fields?
if you don't care about who is calling you, then this is clearly
not a problem for you (Even though one could come up with distinctive
ringing but I'm not sure those who generally don't care about who is
calling them will be interested in it.)
I actually find that with GSM, caller-id is the only massively used
telephony features.
If I start getting nuisance rings, I might want to turn on null-auth so
that I at least have a traceback to a responsible IP address so that I
can send the lawyer-ninjas after somebody. In this context, what does
DERIVE give me that a null-auth doesn't?
just to be safe -- are you referring to
http://www.cs.columbia.edu/sip/drafts/sip/draft-schulzrinne-sip-null-00.pdf?
-jiri
--
Dean
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
