[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sip] SIP Identity using Media Path

To: "'Christer Holmberg \(JO/LMF\)'" <christer.holmberg@xxxxxxxxxxxx>, "'Hans Persson'" <hasse@xxxxxxxxxx>, <sip@xxxxxxxx>
Subject: RE: [Sip] SIP Identity using Media Path
From: "Dan Wing" <dwing@xxxxxxxxx>
Date: Mon, 16 Jul 2007 10:40:08 -0700
Authentication-results: sj-dkim-4; header.From=dwing@xxxxxxxxx; dkim=pass (s ig from cisco.com/sjdkim4002 verified; );
Cc: <ietf-rtpsec@xxxxxxx>
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1044; t=1184607609; x=1185471609; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dwing@xxxxxxxxx; z=From:=20=22Dan=20Wing=22=20<dwing@xxxxxxxxx> |Subject:=20RE=3A=20[Sip]=20SIP=20Identity=20using=20Media=20Path |Sender:=20; bh=sL60IKAUM2G42z+LP+izTWqb7BINMwUN/qjhmUOyqYM=; b=TUTpA4gWb06i1rNo+YiIRREXGZZRnYfSf6OG1fLp5nzXo4VLHgh2J8AjuI47Kgmebo+arCeI 4ebwexoZZlZUA3zg+689QeBf8LwGWbbHrC2XBvmiGS/x3mzJ8TXxC1vQ;
In-reply-to: <7374777208BDC7449D5620EF942325674B244E@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-rtpsec/mail-archive/>
List-id: <ietf-rtpsec.imc.org>
List-unsubscribe: <mailto:ietf-rtpsec-request@imc.org?body=unsubscribe>
Sender: owner-ietf-rtpsec@xxxxxxxxxxxx
Thread-index: Ace+Gd+1mZGbB63fSbi5GA3N5+TpCwAPyvDwAlSiz8AABWk4IAADI3CrAACLdkA=

> >>The CSeq (at least the digit portion) may also be modified,
> >>for example if there has been some "dialog piggybacked" requests
> >>sent between the SBC and another entity, but not end-to-end. In
> >>that case the the SBC may have to increase the CSeq before
> >>forwarding the request, if the digit portion value has already
> >>been used in a request sent by the SBC in the same direction.
> >
> >That seems like a good opportunity, within that trust domain
> >between the SBC and the other entity, to use
> >P-Asserted-Identity.
> 
> I am not sure I understand. How could the P-A-I header be 
> used instead of the CSeq?

The SBC that wants to interfere with the CSeq when doing 'dialog
piggybacking' can go ahead and do that.  Doing that will destroy 
the validity of the SIP-Identity-Media signature for the 'dialog 
piggybacked' request.  Because the SBC and the 'other entity' 
(which is receiving the 'dialog piggybacked' message) are both
in the same trust domain, they can use P-A-I between themselves.

-d

References:
- RE: [Sip] SIP Identity using Media Path
  - From: Christer Holmberg (JO/LMF)

Prev by Date: RE: [Sip] SIP Identity using Media Path
Previous by thread: RE: [Sip] SIP Identity using Media Path
Next by thread: RE: [Sip] SIP Identity using Media Path
Index(es):
- Date
- Thread