[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Signing P-Asserted-Identity

To: Hadriel Kaplan <HKaplan at acmepacket.com>
Subject: Re: [Sip] Signing P-Asserted-Identity
From: Michael Thomas <mat at cisco.com>
Date: Tue, 08 Jul 2008 11:36:53 -0700
Authentication-results: imail.cisco.com; header.From=mat at cisco.com; dkim=pass ( sig from cisco.com/oregon verified; );
Cc: "sip at ietf.org" <sip at ietf.org>
Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=2220; t=1215540909; x=1216404909; c=relaxed/simple; s=oregon; h=To:Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mat at cisco.com; z=From:=20Michael=20Thomas=20<mat at cisco.com> |Subject:=20Re=3A=20[Sip]=20Signing=20P-Asserted-Identity |Sender:=20 |To:=20Hadriel=20Kaplan=20<HKaplan at acmepacket.com>; bh=GPsmvMsxjqZwyTlQ5WDhvTU2p2c/+J11kxPzUu8ijYc=; b=sxBGP9t5SKUEzRVb5lPRt+xhWhr4x8y+jckKQEQnTd3LnEsMD+ZmMaROs9 nA4sOp0frycEvxtToqUTjwZdKIbHvgw18WQ6Bf2qPt1aXYQ8UBbYJ9MGInEN OeUp2pMmIF;
In-reply-to: <E6C2E8958BA59A4FB960963D475F7AC30EEDF3C361@mail.acmepacket.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <E6C2E8958BA59A4FB960963D475F7AC30EEDF3C361@mail.acmepacket.com>
Sender: sip-bounces at ietf.org
User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.14) Gecko/20080421 Thunderbird/2.0.0.14 Mnenhy/0.7.5.666

I thought that the beauty of P-A-I was that my telco can happily claim that
I'm the Queen of the Night without all the bother of checking to see if
I'm a soprano, or can even sing that many notes in a row. So I guess
I don't see what the point is being extra sure that the fiction is a super
reliable fiction.

And since it seems to only be within a given administrative realm, why
isn't TLS or many other possible techniques adequate?

      Mike

Hadriel Kaplan wrote:

Howdy,
As the discussions about RFC4474 Identity, E.164, and all that seem of the type that will take a very long time to resolve, I've submitted an ID about a private extension for "Asserter Identity", which works in concert with the P-Asserted-Identity mechanism.  It works very similarly to RFC4474, but doesn't sign quite the same things, and can be used to sign TEL URI's, fwiw.

Comments welcomed, of course.

        Title           : Private Extensions to the Session Initiation Protocol (SIP) for Asserter Identification within Trusted Networks
        Author(s)       : H. Kaplan
        Filename        : draft-kaplan-sip-asserter-identity-00.txt
        Pages           : 18
        Date            : 2008-07-07

This document describes private extensions to the Session Initiation Protocol (SIP) that enable a network of trusted SIP servers to identify the asserter of private user identity defined in RFC 3325.  The use of these extensions is only applicable inside a set of administrative domains with previously agreed-upon policies for generation, transport and usage of such information.
This document does NOT offer a general identity model suitable for use between different trust domains, or use in the Internet at large.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-kaplan-sip-asserter-identity-00.txt

-hadriel
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip


_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] Signing P-Asserted-Identity
  - From: Hadriel Kaplan

References:
- [Sip] Signing P-Asserted-Identity
  - From: Hadriel Kaplan

Prev by Date: Re: [Sip] Defining a References header to assist with diagnostics
Next by Date: Re: [Sip] On the need for a visual identifier of trusted identity - Fwd: I-D Action:draft-york-sip-visual-identifier-trusted-identity-00.txt
Previous by thread: Re: [Sip] Signing P-Asserted-Identity
Next by thread: Re: [Sip] Signing P-Asserted-Identity
Index(es):
- Date
- Thread