[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03

To: Victor Pascual Ávila <victor.pascual.avila at gmail.com>
Subject: Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
From: "Nils Ohlmeier" <lists at ohlmeier.org>
Date: Fri, 13 Mar 2009 13:15:28 +0100 (CET)
Cc: Nils Ohlmeier <lists at ohlmeier.org>, sip at ietf.org, Stuart Hoggan <s.hoggan at cablelabs.com>, steve.dotson at cox.com
Delivered-to: sip at core3.amsl.com
Importance: Normal
In-reply-to: <618e24240903121521k2f62031bscb88d2ae5580063a at mail.gmail.com>
List-archive: <http://www.ietf.org/mail-archive/web/sip>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <828cd554936c9f74cee1a9351f03aaed.squirrel at www.ohlmeier.com> <9AAEDF491EF7CA48AB587781B8F5D7C601A1AB2B at srvxchg3.cablelabs.com> <618e24240903121521k2f62031bscb88d2ae5580063a at mail.gmail.com>
User-agent: SquirrelMail/1.4.15

> On Thu, Mar 12, 2009 at 9:24 PM, Sumanth Channabasappa
> <sumanth at cablelabs.com> wrote:
> (snip)
>> In any case, please refer to the following small thread (3 emails) for
>> the feedback I received during offline discussions at the last IETF:
>>
>> http://www.ietf.org/mail-archive/web/sip/current/msg25882.html
>
>>From [1]: "the UA trusts its connection with the next-hop and does not
> need to authenticate any elements beyond the next-hop"
>
> [1] http://www.ietf.org/mail-archive/web/sip/current/msg25890.html
>
> Could you please develop this assumption?

I also do not understand this sentense. It sounds like the IP connection
to the next hop is so trustworthy that we could use clear text passwords
instead of digest auth?!
But I think that such conditions would only be given when we use TLS or
IPSec, in which case digest mutual auth makes no real sense any more.

Regards
  Nils

References:
- [Sip] Question regarding draft-dotson-sip-mutual-auth-03
  - From: Nils Ohlmeier
- Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
  - From: Sumanth Channabasappa
- Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
  - From: Victor Pascual Ávila

Prev by Date: Re: [Sip] [Sipping] Pls clarify on session timer
Next by Date: Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
Previous by thread: Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
Next by thread: Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
Index(es):
- Date
- Thread