Re: [sipcore] Yet more comments on rfc4244bis-02

[Hadriel Kaplan <HKaplan@acmepacket.com>]

On Nov 8, 2010, at 5:21 AM, Paul Kyzivat wrote:

> Why do you think that Privacy:none is not important for H-I?
> IIUC, Privacy:none is a way for a caller to get identity info passed e2e
> even if there are SPs along the path that wish to block things.
> 
> Why would that not apply to H-I as well? I may want the callee to know
> the history of the call even if my SP does not wish that.

I can't comment on the "none" setting bit, but expecting it to prevent an SP from anonymizing (or more likely, removing) H-I entries is silly.  Most of the H-I entries have absolutely nothing to do with the *caller*, and in fact are far more revealing about the SP's equipment/nodes than revealing anything about the caller's identity.

Even *allowing* a UAC to tell some downstream node what the downstream node can/cannot reveal about the downstream node is a joke.

Think of it this way: let's say we were talking about email SMTP, and there were some SMTP header named "Privacy" which you could set to tell your Cisco email server to anonymize your name from the email you send out.  Imagine that the Cisco Email server was actually a cluster of decomposed roles in separate physical boxes, with some internal SMTP message passing between the boxes. (like one did storage, one did virus checking access, one did spam filtering, one was for external SMTP, etc.)  Between each of these systems they add a History-Info header.  Now imagine the Cisco IT department removes these H-I headers when an email gets sent out of Cisco, in order to not reveal this internal design and addresses.  Do you really think Cisco's IT department would allow your email client to tell their servers to expose these headers?? 

-hadriel