This form of strict routing ensures that a man-in-the-middle attack cannot be used
to hijack a subscriber??™s registration, for example. It ensures that all requests and responses
are sent through the same path used for the registration to reach the user.
The P-CSCF then uses this route list to enforce routing messages to the user. See
Chapter 7 for more details on this form of routing and the security procedures that use
this header.
Reply-To The REPLY-TO header is inserted by a user device upon receipt of a request.
It is used to communicate the direct address of the device for all subsequent responses
80 Chapter 3
and requests throughout a dialog. This in essence would then allow responses to bypass
the various proxies within the network and allow routing directly to the device.
Within an IMS domain, there may be concerns about routing directly to a device, bypassing
the CSCF within the network. In fact, this form of loose routing is not defined
within the IMS. The IMS procedures call for strict routing to ensure that all requests
and responses always follow the same path used during registration.
The REPLY-TO header is still supported within the IMS, but it is not necessarily
used to route responses. It is simply used to identify the direct address of the device, but
requests and responses are still routed through the CSCF entities within the network.
Pages:
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184