On Fri, Feb 20, 2009 at 4:20 AM, Theo Zourzouvillys <[email protected]> wrote:
> I've just submitted an ID that discusses the inherent UDP "problem", > along with a potential workaround to stop it being used maliciously. note that it's *only* trying to solve the drive-by-shooting problem that is inherent in UDP where an attacker can just "fire and forget" by spoofing the source; it does _not_ try to solve the problem of verifying Contact or Route header values when establishing a dialog. I believe this is a separate issue (as it affects all transports, not just UDP), and am only trying to bring UDP onto the same footing as connection oriented transports. Having just read through the draft it again, it would undoubtedly make more sense to use a non 2xx response as an example instead, and remove the mention of 100rel to make it clear i'm not trying to solve that :) ~ Theo _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
