[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sip] II digit & Calling Name

To: "'Henning G. Schulzrinne'" <hgs@cs.columbia.edu>
Subject: RE: [Sip] II digit & Calling Name
From: Jonathan Rosenberg <jdrosen@dynamicsoft.com>
Date: Thu, 21 Jun 2001 03:15:12 -0400
Cc: "'Dean Willis'" <dean.willis@softarmor.com>, Romel Khan <rkhan@net2phone.com>, sip@ietf.org
List-Id: Session Initiation Protocol <sip.ietf.org>
Sender: sip-admin@ietf.org



 

> -----Original Message-----
> From: Henning G. Schulzrinne [mailto:hgs@cs.columbia.edu]
> Sent: Saturday, June 16, 2001 10:19 AM
> To: Jonathan Rosenberg
> Cc: 'Dean Willis'; Romel Khan; sip@ietf.org
> Subject: Re: [Sip] II digit & Calling Name
> 
> > 
> > One might also argue that, if you want to allow the network 
> to provide and
> > validate a user identity, then you might want the network 
> to provide and
> > validate a device identity (i.e., the Contact). This would 
> argue for the
> > equivalent of remote-party-id for Contact. To be honest, I 
> never understood
> > why we didn't have the header called Auth-From, and now we 
> might want to
> > think about Auth-Contact.....
> > 
> 
> It seems pretty clear that the privacy draft makes rather traditional
> assumptions about the network architecture, for example, that 
> the entity
> doing the identity checking is implied and requires no identification.
> However, without cryptographic authentication of the 
> verifier, it's not
> clear how useful this whole scheme is outside tightly constrained
> network architectures and rather old-fashioned trust relationships.

I agree that having cryptographic identification of the verifier is a good
thing, as there will definitely be cases where there is not a transitivity
of trust. My point is that the verification can be done for two things - to
verify the user, and to verify the device. In that case, one might imagine
both a Auth-From and Auth-Contact header (same idea as Remote-Party-ID, but
renamed to indicate which information is being provided), both of which
would need to have cryptographic authentication of the verifier.

-Jonathan R.

---
Jonathan D. Rosenberg, Ph.D.                72 Eagle Rock Ave.
Chief Scientist                             First Floor
dynamicsoft                                 East Hanover, NJ 07936
jdrosen@dynamicsoft.com                     FAX:   (973) 952-5050
http://www.jdrosen.net                      PHONE: (973) 952-5000
http://www.dynamicsoft.com

_______________________________________________
Sip mailing list
Sip@ietf.org
http://www.ietf.org/mailman/listinfo/sip

Prev by Date: RE: [Sip] new open issue in session timer: NEEDS resolution now!
Next by Date: RE: [Fwd: [Fwd: [Sip] Few tiny issues with SDP section of bis3]]
Previous by thread: Re: [Sip] II digit & Calling Name
Next by thread: RE: Session timer response code (was RE: [SIP] Session timer consider ed harmful (was RE: draft-ietf-sip-session- timer: refresh rate))
Index(es):
- Date
- Thread