For example: Look at what is being used in XMPP. There is no equalivalent of SIP Identity -- folks are currently looking into providing certificates for server-to-server communication.
Even though they are, from a deployment point of view, ahead they are not even close to where we are with our documents.
Ciao HannesPS: I also believe that the SIP Identity case isn't an easy one either. The guys that would make use of SIP Identity for a deployment where the two SIP proxies talk to each other there would not be a need for SIP Identity since you are essentially replicating what TLS provides you at a lower layer already. In cases where there many SIP proxies along the path SIP Identity would be useful since it provides protection against any one of them being malicious. However, the guys who favour such a deployment model are the onces that believe very much in the chain of trust (hop-by-hop security). They have no interest in using SIP Identity.
Dan Wing wrote:
draft-ietf-sip-saml-- I'm not sure this one is ever getting done. So I'm not sure there's enough there to justify a WG.How about an "Identity in SIP" working group that takes on fixing RFC 4474 for gateways/b2buas and possibly considers identity/role assertion using SAML?I agree we need that. I have tried, and so far failed, to initiate activity towards such an effort. -d _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors at cs.columbia.edu for questions on current sip Use sipping at ietf.org for new developments on the application of sip
_______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors at cs.columbia.edu for questions on current sip Use sipping at ietf.org for new developments on the application of sip