Dialog Event foR Identity VErification
draft-kuthan-sip-derive-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Dorgham Sisalem , Victor Pascual , Raphael Coeffic | ||
| Last updated | 2008-10-27 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document provides a simple mechanism to prevent an attacker from presenting a forged "From" header field. It offers an end-to-end identity assumption which does not require any previous association or trust relationship between administrative domains or the UAs. The UAS verifies the "From" header by subscribing to the Dialog Event package [RFC 4235] at the AOR in the "From" header field. If the entity calling is registered under this AOR, it will confirm that it is calling by sending some valid dialog state. In this case, the identity of the caller is considered to be verified.
Authors
Dorgham Sisalem
Victor Pascual
Raphael Coeffic
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)