I need a decision on one outstanding issue. We previously agreed that PAI could be used in any request. We recently agreed to remove specification of PAI in responses because there is no standardised means of authenticating a UAS. Brett Tate pointed out that likewise there is no standardised means of authenticating a UAC when it sends CANCEL or ACK (these cannot be challenged, and cannot be rejected if authentication is wrong). I have so far received no further opinions on this. To be consistent I believe we have to make exceptions of CANCEL and ACK and say that PAI cannot be used with these methods. If I receive no objections by 26th October I will update the draft on 27th. John _______________________________________________ Sipping mailing list https://www.ietf.org/mailman/listinfo/sipping This list is for NEW development of the application of SIP Use sip-implementors@xxxxxxxxxxxxxxx for questions on current sip Use sip@xxxxxxxx for new developments of core SIP
