40 likes | 57 Views
End-to-middle Security in SIP draft-ietf-sip-e2m-sec-00.txt. Kumiko Ono NTT Corporation. Open Issues. #1: UAC is expected to differently react with a 493 (Undecipherable) error, depending on its sender. The error response doesn't include who the sender is. Options:
E N D
End-to-middle Security in SIPdraft-ietf-sip-e2m-sec-00.txt Kumiko Ono NTT Corporation
Open Issues #1: UAC is expected to differently react with a 493 (Undecipherable) error, depending on its sender. • The error response doesn't include who the sender is. • Options: • A new error code for proxy, 496 Proxy Undecipherable • The same error code, use the URI in the PKC appended to the response. #2: How does a proxy request to disclose a specific Content-Type or the whole body? • In the current version, a proxy server responds with an error code and Warning header indicating which Content-Type is to be disclosed. i.e., “Warning: 380 proxy.com "Required to view ' application/sdp ‘” • There is no way to request the disclosure of whole body. • Proposal An error code without Warning header has the semantics of proxy’s requesting the disclosure of the whole body.
Open Issues (contd.) #3: Do we need the labeling mechanism to instruct a proxy server to validate the signature? • A minor usecase. • Options: 1. Leave it, 2. Drop it. #4: How does a UA know if the target proxy server complied to the UA’s request? • Options • Proxy adds a flag in the response. • Proxy rejects when it can’t comply to the UA’s request. 3. No need.
Next Steps • Any other open issues? • Can we get some experts’ review?