Technical Summary
This document defines a new header for use with SIP multi-party
applications and call control. The Join header is used to logically
join an existing SIP dialog with a new SIP dialog. This primitive can
be used to enable services such as answering machine style
Message-Screening. The document includes non-normative
examples to describe the services.
The extension specified in this document significantly changes the
relative security of SIP devices. Currently in SIP, even if an
eavesdropper learns the Call-ID, To, and From headers of a dialog,
they cannot easily modify or destroy that dialog if Digest
authentication or end-to-end message integrity are used.
This extension can be used to insert or monitor potentially sensitive
content in a multimedia conversation. As such, invitations with the
Join header MUST only be accepted if the peer requesting replacement
has been properly authenticated using a standard SIP mechanism
(Digest or S/MIME), and authorized to be joined with the target
dialog. (All SIP implementations are already required to support
Digest Authentication.) Generally authorization for joins are
configured as a matter of local policy as long-duration persistent
relationships, such as the user and the message screening capability.
Specific mechanisms for authorization are described. It is also
possible to use Referred-by and the AuthID Body.
Working Group Summary
The Join header is an important element of the multi-party architecture in
SIP. There were engineering considerations to get the details right,
but there was consensus to advance this document.
Protocol Quality
Join has been implemented by multiple vendors and tested at the SIP interop
gatherings. The protocol was reviewed for the IESG by Allison Mankin.
RFC Editor Note:
Add to the end of the Security Considerations -
Section 4 describes specific mechanisms for authorization using Digest
Authentication and S/MIME (RFC 3261) and Referred-by [9], the
currently available capabilities in SIP.
The document was submitted on the cusp of RFC 3667 approval. Please replace
the boilerplate.