"See IMS". 3GPP references our standards, we can reference theirs.
On Oct 24, 2008, at 1:10 AM, Elwell, John wrote:
Dean,
It seemed that to get the draft through IESG, it needed to cite at
least
one mechanism by which a response can be authenticated (likewise ACK
and
CANCEL). The mechanism in earlier drafts, whereby the response is
received over a TLS connection over which digest authentication had
previously taken place, was shown to be flawed. Nobody seemed able to
offer a robust and standardised alternative. If somebody can put
forward
a robust and standardised alternative that can convince those with
concerns, I would be happy to re-instate the response stuff.
John
-----Original Message-----
From: Dean Willis [mailto:dean.willis@xxxxxxxxxxxxx]
Sent: 23 October 2008 19:46
To: Elwell, John
Cc: sipping@xxxxxxxx
Subject: Re: Decision needed on final issue with
draft-ietf-sipping-update-pai-07
On Oct 23, 2008, at 9:18 AM, Elwell, John wrote:
I need a decision on one outstanding issue. We previously
agreed that
PAI could be used in any request. We recently agreed to remove
specification of PAI in responses because there is no standardised
means
of authenticating a UAS. Brett Tate pointed out that
likewise there is
no standardised means of authenticating a UAC when it sends
CANCEL or
ACK (these cannot be challenged, and cannot be rejected if
authentication is wrong). I have so far received no further
opinions
on
this. To be consistent I believe we have to make exceptions
of CANCEL
and ACK and say that PAI cannot be used with these methods.
If I receive no objections by 26th October I will update
the draft on
27th.
The problems is that some network architectures DO allow
authentication of both responses and CANCEL/ACK.
PAI is quite widely used in those networks. In fact, it came
to us as
a P-header for use specifically in those networks.
What is probably needed is an applicability statement that explains
the environment in which PAI is usable in "digest authenticable
requests" , and goes on to explain the environment in which PAI is
usable in other requests and responses.
--
Dean
_______________________________________________
Sipping mailing list https://www.ietf.org/mailman/listinfo/sipping
This list is for NEW development of the application of SIP
Use sip-implementors@xxxxxxxxxxxxxxx for questions on current sip
Use sip@xxxxxxxx for new developments of core SIP
