[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
You may be right that the behaviour if it is received is not specified. If a
P-Asserted-Identity is present, then I would expect the P-Preferred-Identity
to be discarded (they should not coexist). If there is no
P-Asserted-Identity, then I suppose the Proxy could behave as if the message
were received from outside the Trust Domain...
If P-Preferred-Identity is received from outside the Trust Domain, the proxy
attempts to authenticate the originator of the message.
You ask whether the proxy MAY or MUST use the P-Preferred-Identity, but I'm
not sure the question makes sense. If it were a MAY, then whether to use it
or not must be a matter of local policy for the proxy. If it were a MUST,
then as long as the P-Preferred-Identity is 'a valid identity for that user'
then it MUST use it. But the list of 'valid identities for that user' is a
matter of local policy too. So there is no difference.
For example, if the proxy NEVER uses P-Preferred-Identity, then this is
equivalent to saying that there is only one valid identity for the user.
Regards,
Mark Watson
> -----Original Message-----
> From: hbhondwe@hss.hns.com [mailto:hbhondwe@hss.hns.com]
> Sent: 29 October 2002 05:30
> To: sip@ietf.org
> Cc: hbhondwe@hss.hns.com
> Subject: [Sip] draft-ietf-sip-asserted-identity-02.txt: ppi
> from trusted
> entity
>
>
>
>
> Hi,
>
> Section 6 does not seem to explicitely specify proxy's behaviour when
> p-preferred-identity header is received by a proxy from a
> trusted entity:
>
> a)preferred identity corresponds to a valid identify known to
> the proxy for
> that user.
> -MUST the proxy use this identity or MAY it ? I assume it MUST.
> b)preferred identity does not correspond to a valid identity
> known to the
> proxy for that user.
> -Should the proxy behaviour be same as when the entity from which the
> header was received is not trusted.
>
>
> thanks
> harsh
>
>
>
>
>
>
>
>
> This message is proprietary to Hughes Software Systems
> Limited (HSS) and is
> intended solely for the use of the individual to whom it is
> addressed. It
> may contain privileged or confidential information and should not be
> circulated or used for any purpose other than for what it is
> intended. If
> you have received this message in error, please notify the originator
> immediately. If you are not the intended recipient, you are
> notified that
> you are strictly prohibited from using, copying, altering, or
> disclosing
> the contents of this message. HSS accepts no responsibility
> for loss or
> damage arising from the use of the information transmitted by
> this email
> including damage from virus.
>
>
> _______________________________________________
> Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors@cs.columbia.edu for questions on current sip
> Use sipping@ietf.org for new developments on the application of sip
>
------_=_NextPart_001_01C2801A.5AB21340
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2655.35">
<TITLE>RE: [Sip] draft-ietf-sip-asserted-identity-02.txt: ppi from =
trusted entity</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=3D2>Harsh,</FONT>
</P>
<P><FONT SIZE=3D2>From memory, a proxy should not expect to receive =
P-Preferred-Identity from another member of the Trust Domain for =
Asserted Identity.</FONT></P>
<P><FONT SIZE=3D2>You may be right that the behaviour if it is received =
is not specified. If a P-Asserted-Identity is present, then I would =
expect the P-Preferred-Identity to be discarded (they should not =
coexist). If there is no P-Asserted-Identity, then I suppose the Proxy =
could behave as if the message were received from outside the Trust =
Domain...</FONT></P>
<P><FONT SIZE=3D2>If P-Preferred-Identity is received from outside the =
Trust Domain, the proxy attempts to authenticate the originator of the =
message.</FONT></P>
<P><FONT SIZE=3D2>You ask whether the proxy MAY or MUST use the =
P-Preferred-Identity, but I'm not sure the question makes sense. If it =
were a MAY, then whether to use it or not must be a matter of local =
policy for the proxy. If it were a MUST, then as long as the =
P-Preferred-Identity is 'a valid identity for that user' then it MUST =
use it. But the list of 'valid identities for that user' is a matter of =
local policy too. So there is no difference.</FONT></P>
<P><FONT SIZE=3D2>For example, if the proxy NEVER uses =
P-Preferred-Identity, then this is equivalent to saying that there is =
only one valid identity for the user.</FONT></P>
<P><FONT SIZE=3D2>Regards,</FONT>
</P>
<P><FONT SIZE=3D2>Mark Watson</FONT>
<BR><FONT SIZE=3D2> </FONT>
</P>
<P><FONT SIZE=3D2>> -----Original Message-----</FONT>
<BR><FONT SIZE=3D2>> From: hbhondwe@hss.hns.com [<A =
HREF=3D"mailto:hbhondwe@hss.hns.com";>mailto:hbhondwe@hss.hns.com</A>]</F=
ONT>
<BR><FONT SIZE=3D2>> Sent: 29 October 2002 05:30</FONT>
<BR><FONT SIZE=3D2>> To: sip@ietf.org</FONT>
<BR><FONT SIZE=3D2>> Cc: hbhondwe@hss.hns.com</FONT>
<BR><FONT SIZE=3D2>> Subject: [Sip] =
draft-ietf-sip-asserted-identity-02.txt: ppi </FONT>
<BR><FONT SIZE=3D2>> from trusted</FONT>
<BR><FONT SIZE=3D2>> entity</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> Hi,</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> Section 6 does not seem to explicitely specify =
proxy's behaviour when</FONT>
<BR><FONT SIZE=3D2>> p-preferred-identity header is received by a =
proxy from a </FONT>
<BR><FONT SIZE=3D2>> trusted entity:</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> a)preferred identity corresponds to a valid =
identify known to </FONT>
<BR><FONT SIZE=3D2>> the proxy for</FONT>
<BR><FONT SIZE=3D2>> that user.</FONT>
<BR><FONT SIZE=3D2>> -MUST the proxy use this identity or MAY =
it ? I assume it MUST.</FONT>
<BR><FONT SIZE=3D2>> b)preferred identity does not correspond to a =
valid identity </FONT>
<BR><FONT SIZE=3D2>> known to the</FONT>
<BR><FONT SIZE=3D2>> proxy for that user.</FONT>
<BR><FONT SIZE=3D2>> -Should the proxy behaviour be same as when the =
entity from which the</FONT>
<BR><FONT SIZE=3D2>> header was received is not trusted.</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> thanks</FONT>
<BR><FONT SIZE=3D2>> harsh</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> This message is proprietary to Hughes Software =
Systems </FONT>
<BR><FONT SIZE=3D2>> Limited (HSS) and is</FONT>
<BR><FONT SIZE=3D2>> intended solely for the use of the individual =
to whom it is </FONT>
<BR><FONT SIZE=3D2>> addressed. It</FONT>
<BR><FONT SIZE=3D2>> may contain privileged or confidential =
information and should not be</FONT>
<BR><FONT SIZE=3D2>> circulated or used for any purpose other than =
for what it is </FONT>
<BR><FONT SIZE=3D2>> intended. If</FONT>
<BR><FONT SIZE=3D2>> you have received this message in error, please =
notify the originator</FONT>
<BR><FONT SIZE=3D2>> immediately. If you are not the intended =
recipient, you are </FONT>
<BR><FONT SIZE=3D2>> notified that</FONT>
<BR><FONT SIZE=3D2>> you are strictly prohibited from using, =
copying, altering, or </FONT>
<BR><FONT SIZE=3D2>> disclosing</FONT>
<BR><FONT SIZE=3D2>> the contents of this message. HSS accepts =
no responsibility </FONT>
<BR><FONT SIZE=3D2>> for loss or</FONT>
<BR><FONT SIZE=3D2>> damage arising from the use of the information =
transmitted by </FONT>
<BR><FONT SIZE=3D2>> this email</FONT>
<BR><FONT SIZE=3D2>> including damage from virus.</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> =
_______________________________________________</FONT>
<BR><FONT SIZE=3D2>> Sip mailing list <A =
HREF=3D"https://www1.ietf.org/mailman/listinfo/sip"; =
TARGET=3D"_blank">https://www1.ietf.org/mailman/listinfo/sip</A></FONT>
<BR><FONT SIZE=3D2>> This list is for NEW development of the core =
SIP Protocol</FONT>
<BR><FONT SIZE=3D2>> Use sip-implementors@cs.columbia.edu for =
questions on current sip</FONT>
<BR><FONT SIZE=3D2>> Use sipping@ietf.org for new developments on =
the application of sip</FONT>
<BR><FONT SIZE=3D2>> </FONT>
</P>
</BODY>
</HTML>
------_=_NextPart_001_01C2801A.5AB21340--
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip