The Session Initiation Protocol (SIP) "Join" Header
draft-ietf-sip-join-03

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    sip mailing list <sip@ietf.org>, 
    sip chair <sip-chairs@tools.ietf.org>
Subject: Protocol Action: 'The Session Inititation Protocol 
         (SIP) 'Join' Header' to Proposed Standard 

The IESG has approved the following document:

- 'The Session Inititation Protocol (SIP) 'Join' Header '
   <draft-ietf-sip-join-04.txt> as a Proposed Standard

This document is the product of the Session Initiation Protocol Working 
Group. 

The IESG contact persons are Allison Mankin and Jon Peterson.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sip-join-04.txt

Ballot Text

Technical Summary
 
   This document defines a new header for use with SIP multi-party
   applications and call control. The Join header is used to logically
   join an existing SIP dialog with a new SIP dialog.   This primitive can
   be used to enable services such as answering machine style
   Message-Screening.  The document includes non-normative 
   examples to describe the services.

  The extension specified in this document significantly changes the
   relative security of SIP devices.  Currently in SIP, even if an
   eavesdropper learns the Call-ID, To, and From headers of a dialog,
   they cannot easily modify or destroy that dialog if Digest
   authentication or end-to-end message integrity are used.

   This extension can be used to insert or monitor potentially sensitive
   content in a multimedia conversation.  As such, invitations with the
   Join header MUST only be accepted if the peer requesting replacement
   has been properly authenticated using a standard SIP mechanism
   (Digest or S/MIME), and authorized to be joined with the target
   dialog.  (All SIP implementations are already required to support
   Digest Authentication.)  Generally authorization for joins are
   configured as a matter of local policy as long-duration persistent
   relationships, such as the user and the message screening capability.
 
   Specific mechanisms for authorization are described.  It is also
   possible to use Referred-by and the AuthID Body.

   
 Working Group Summary
 
 The Join header is an important element of the multi-party architecture in
 SIP.  There were engineering considerations to get the details right, 
 but there was consensus to advance this document.  
 
Protocol Quality
 
 Join has been implemented by multiple vendors and tested at the SIP interop
 gatherings.  The protocol was reviewed for the IESG by Allison Mankin.

RFC Editor Note:

Add to the end of the Security Considerations -

Section 4 describes specific mechanisms for authorization using Digest 
Authentication and S/MIME (RFC 3261) and Referred-by [9], the
currently available capabilities in SIP.

The document was submitted on the cusp of RFC 3667 approval.  Please replace
the boilerplate.

RFC Editor Note