Technical Summary
The SIP REFER method provides a mechanism where one party (the
referrer) gives a second party (the referee) an arbitrary URI to
reference. If that URI is a SIP URI, the referee will send a SIP
request, often an INVITE, to that URI (the refer target). This
document extends the REFER method allowing the referrer to provide
information about the REFER request to the refer target using the
referee as an intermediary. This information includes the identity
of the referrer and the URI to which the referrer referred. The
mechanism utilizes S/MIME to help protect this information from a
malicious intermediary. This protection is optional, but a recipient
may refuse to accept a request unless it is present.
The REFER method is specified in RFC 3515, which describes a general
set of security considerations in addition to those particular to
Referred-By.
Working Group Summary
The Working Group strongly supported the advancement of Referred-By,
once it was split out of the REFER document into the present design.
Protocol Quality
There was a large amount of working group review of Referred-by, which
resulted in its being split out of the original REFER method document
and the development of this mechanism and the Authentication ID Body
(under review at the same time) on which it depends. There were no
dissenting comments during WG Last Call or IETF Last Call. The
document was reviewed for the IESG by Allison Mankin.