RE: [Sip] Strict, Semi-Strict and Loose mode in RPH

OK, to turn it around. If "curious eyes" already can know the valid
namespace/value combinations, simply by navigating the ietf site, why
bother to hide it in the protocol messages? At least for the "published"
namespaces.

----------------------------------------------------------------------------------------

This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery. NOTE: Regardless of content, this e-mail shall not operate to
bind CSC to any order or other contract unless pursuant to explicit written
agreement or government initiative expressly permitting the use of e-mail
for such purpose.
----------------------------------------------------------------------------------------

                      "James M. Polk"                                                                                          
                      <jmpolk                  To:      Janet P Gunn/FED/CSC@CSC                                               
                      @cisco.com>              cc:      a.ephrath@ieee.org, "Ken Carlberg" <carlberg@g11.org.uk>, Darren E     
                                               Pado/FED/CSC@CSC, Dennis Q Berg/FED/CSC@CSC, fonashp@ncs.gov,                   
                      11/08/2004 10:20         KENNETH.R.ERNEY@saic.com, mosleyv@ncs.gov, nyquetek@msn.com, Richard F          
                      AM                       Kaczmarek/FED/SC/CSC@CSC, Saud Negash/FED/CSC@CSC, sip@ietf.org,                
                                               suracif@ncs.gov                                                                 
                                               Subject: RE: [Sip] Strict, Semi-Strict and Loose mode in RPH - not a   good fit 
                                               for ets and wps                                                                 

At 09:13 AM 11/8/2004 -0500, Janet P Gunn wrote:
>James said,
>
> >[JG]I am not as concerned about this case (valid namespace.valid value -
> >just not authorized).
>
>I would think this is of concern - as anyone (literally) can be in this
>group.
>
>I was thinking that it was of less concern because it is someone who
>already knows the valid namespace and value.

the RPH document is in the public domain - and we are having a fairly
public discussion about it (and its ramifications). Curious eyes are
probably reading this too.

;-)

>But you are right, if it is someone who is randomly or systematically
>trying namespace/value combinations, we just told them "you got a hit".
>So I take it back about being less concerned.
>
>Janet

cheers,
James

                                *******************
                 Truth is not to be argued... it is to be presented

_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

RE: [Sip] Strict, Semi-Strict and Loose mode in RPH - not a good fit for ets and wps