On Thu, Jul 7, 2011 at 9:56 AM, Sam Hartman
<[log in to unmask]> wrote:
>>>>>> "Gabriel" == Gabriel López <[log in to unmask]> writes:
> Gabriel> Have you analysed how this process (I count 18 messages for 4 realms
> Gabriel> without routing and attribute request exchanges) could affect specific
> Gabriel> services like SIP?
>
> So, currently ABFAB does not target SIP.
> In general I'd expect you to use the same SIP registration server
> regardless of your current location.
>
> However if we did target SIP and you did happen to use a registration
> server far away from your IDP, it would mean that you'd need 18 messages
> and introduce some delay for your first registration. In most sip
> deployments beyond that, the number of messages would be the same as it
> is with some central authentication server after that because the
> registration would be cached.
Also, presumably the trust path routes won't change/flap anywhere near
as often as IP routes, right? So it should be safe to cache these
paths for quite a while. Also, validation of cached paths could be
done asynchronously, in the background.
Nico
--
|