I'd like to echo Alan's point here...
4. In the security considerations of most SIP extensions, we inevitably
end up referring to S/MIME. However, we know that there is no S/MIME
deployments with SIP, essentially making the resulting security
considerations irrelevant. Perhaps some guidance on practical security
considerations would be worthwhile going forward, given the heavy reliance
on hop-by-hop security and transitive trust in deployed SIP systems.
We've got to quit pointing to S/MIME when we know that no one believes us!
The input I'm getting from SIPconnect/1.1 contributors is that they're not
even excited about hop-by-hop TLS - a fair number of deployments are running
wide open. I'm thinking this isn't going to end well.
Thanks,
Spencer
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf