RE: [Sip] Ciphersuites in SIP

["Joel M. Halpern" <joel at stevecrocker.com>]

If an end-point wants real security in communicating with another 
end-point, it should sign the request it sends.
(Yes, that prevents the teleco SBC from changing things.  But you can 
not have end-to-end security and allow devices in the middle to make 
arbitrary changes.)

Yours,
Joel M. Halpern

At 03:24 AM 8/8/2006, Samir Srivastava wrote:
> > c) By providing for end-to-end security over and above
> > hop-by-hop security, the current definitions already allow
> > for servers and users to offer and utilize significantly more
> > secure capabilities than have existed heretofore.
>
> I don't understand your argument here. Can you explain. If a less secure
> hop is in between, it looses the purpose of other more secure hops.
> IP/TLS etc security is dynamic too. It will be always N+1 game. For
> example can you distinguish between two different TLS version/DTLS etc
> in the current specifications.


_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip