RE: [Sip] Authintification of Responses

["Drage, Keith (Keith)" <drage@lucent.com>]

The P-Asserted-Identity is generated by a trusted entity. In order to perform this action, the trusted entity must know who the user is, hence the concept of authentication. However that authentication does not need to be performed over each individual message. For example, in 3GPP, that authentication is performed at the time of sending a REGISTER from that user, and subsequent requests and responses are sent using the agreed security mechanism (see RFC 3329), and therefore the P-Asserted-Identity of the destination user can be added by the trusted proxy associated with that destination user to any response (or request) generated by that destination user.

For the PSTN interworking case, we effectively have two trust domains. One in the ISUP network and the other in the SIP network. Assuming that equivalent levels of trust exist between those two trust domains, which entirely within a public network environment can be assumed, then a Connected number on the BICC / ISUP side can result in a P-Asserted-Identity in a SIP response.

Keith Drage
Lucent Technologies
Tel: +44 1793 776249
Email: drage@lucent.com 

> -----Original Message-----
> From: Jesske, R [mailto:R.Jesske@telekom.de]
> Sent: 13 March 2003 08:39
> To: sip@ietf.org
> Cc: mwatson@nortelnetworks.com; Alexeitsev, D
> Subject: [Sip] Authintification of Responses
> 
> 
> Dear all,
> RFC 3325 (Private Extensions to the Session Initiation 
> Protocol (SIP) for Asserted Identity within Trusted Networks) 
> is stating that: 
> 
> The P-Asserted-Identity header field is used among trusted SIP
> entities (typically intermediaries) to carry the identity of the user
> sending a SIP message as it was verified by authentication.
> 
> From my point of view this statement includes that Requests 
> and Responses can be verified within the SIP domain. But is 
> this possible and described within SIP that a Response will 
> be also verified by authenticated if needed?
> 
> Background of this question is, if it is possible to 
> interwork a P-Asserted-ID in a Response (if this could be to 
> a connected number parameter within PSTN. The Connected 
> number within PSTN must be a trusted number.
> 
> 
> Thank You 
> 
> Best Regards
> 
> Roland Jesske
> 
> 
> 
> 
> Deutsche Telekom AG
> T Com Zentrale
> Roland Jesske, T38-12
> Section T38; Signalling, Gateways and Switching Systems 
> Am Kavalleriesand 3, 64295 Darmstadt, Germany
> Phone:  +49 6151 83-5940 
> Fax:    +49 6151 83-4577 
>  <mailto:r.jesske@telekom.de>
> 
> 
> 
> _______________________________________________
> Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors@cs.columbia.edu for questions on current sip
> Use sipping@ietf.org for new developments on the application of sip
> 
_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip