msec-5----Page:11
1 2 3 4 5 6 7 8 9 10 11 12 13
|
What about security risks If both parties are registered to the same SIP domain The SIP server can LIE and generate 2 SAML certs to place itself as the Man-in-the-Middle If the parties are in different domains The SIP servers can COLLUDE Each generating 2nd SAML certs Allowing either of both servers to be the Man-in-the-middle |