
Re: [Simple] ACM SBC TLS issue [was RE: MSRP-ACM compatibility]



Christer Holmberg wrote:

One of the reasons for the path attribute in the first place was to
make it clear to endpoints that there were relays in the path. SBCs/ALGs
are generally not that open about their presence.

Sure, but do we really expect the user to really make different
decisions based on that knowledge? Will the user even be informed about
whether there are relays in the path or not?

This is really about the infamous "lock icon".
In the case of MSRP it is quite a bit simpler problem than with phones. Most of the ground has already been broken for https.

I surely do make different sage decisions based on the lock icon in a web browser. I think people would quickly do so with a lock icon in an IM session window too, if it was properly socialized.

If I want to establish an MSRP session with you, I probably wouldn't
care whether you are behind a relay or not. I would trust that the
operator(s) make sure my stuff doesn't end up in the wrong hands.

Right!
They have such a good track record of keeping stuff private.

And, if I have something very very very sensitive to send you, I may
encrypt the payload myself, and not rely on the MSRP provided encryption
- because even if I start looking at the path attributes etc I can still
not be 100% that there is no intermediate somewhere.

How would you do that in a way that is usable by anyone except a programmer? Most users are dependent on the available tools.

	Thanks,
	Paul

</brainstorming>

Regards,

Christer
_______________________________________________
Simple mailing list
Simple at ietf.org
https://www.ietf.org/mailman/listinfo/simple