[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Protocol Action: 'Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)' to Proposed Standard

To: IETF-Announce <ietf-announce at ietf.org>
Subject: Protocol Action: 'Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)' to Proposed Standard
From: The IESG <iesg-secretary at ietf.org>
Date: Mon, 09 Jan 2006 10:55:18 -0500
Cc: sip mailing list <sip at ietf.org>, sip chair <rohan at ekabal.com>, Internet Architecture Board <iab at iab.org>, sip chair <dean.willis at softarmor.com>, RFC Editor <rfc-editor at rfc-editor.org>
List-help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-id: ietf-announce.ietf.org
List-post: <mailto:ietf-announce@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
Sender: ietf-announce-bounces at ietf.org

The IESG has approved the following document:

- 'Enhancements for Authenticated Identity Management in the Session Initiation 
   Protocol (SIP) '
   <draft-ietf-sip-identity-06.txt> as a Proposed Standard

This document is the product of the Session Initiation Protocol Working Group. 

The IESG contact persons are Allison Mankin and Jon Peterson.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sip-identity-06.txt

Technical Summary
 
   The existing security mechanisms in the Session Initiation Protocol
   are inadequate for cryptographically assuring the identity of the end
   users that originate SIP requests, especially in an interdomain
   context.  This document specifies a mechanism for securely identifying
   originators of SIP messages.  It does so by defining two new SIP
   header fields, Identity, for conveying a signature used for
   validating the identity, and Identity-Info, for conveying a reference
   to the certificate of the signer.  It specifies the mechanisms and
   procedures for using these and how they can be used with the
   existing SIP privacy capabilities.

   It is desirable for SIP user agents to be able to send requests to
   destinations with which they have no previous association - just as
   in the telephone network today, one can receive a call from someone
   with whom one has no previous association, and still have a
   reasonable assurance that their displayed Caller-ID is accurate.  A
   cryptographic approach, like the one described in this document, can
   probably provide a much stronger and less-spoofable assurance of
   identity than the telephone network provides today.


Working Group Summary
 
 This specification required a number of tries and much analysis.  
 There was strong consensus on the solution by the time it reached
 the version in this draft.
 
Protocol Quality
 
 Eric Rescorla provided early architectural review of the work.
 The careful reading by the GEN-ART reviewer, Lakshminath
 Dondeti was valuable.  Allison Mankin is the Responsible Area Director.


_______________________________________________
IETF-Announce mailing list
IETF-Announce at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce

Prev by Date: Protocol Action: 'Rivest-Shamir-Adleman (RSA) key exchange for the Secure Shell (SSH) Transport Layer Protocol' to Proposed Standard
Next by Date: Protocol Action: 'Optimistic Duplicate Address Detection for IPv6' to Proposed Standard
Previous by thread: Protocol Action: 'Rivest-Shamir-Adleman (RSA) key exchange for the Secure Shell (SSH) Transport Layer Protocol' to Proposed Standard
Next by thread: Protocol Action: 'Optimistic Duplicate Address Detection for IPv6' to Proposed Standard
Index(es):
- Date
- Thread