Retargeting Security in the Session Initiation Protocol (SIP)
draft-xu-yang-retargeting-security-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Yang Xu | ||
Last updated | 2007-05-11 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
As a SIP request is processed along its route to the destination, the initial request-URI can be altered without callers’ notice or consent. The caller may concern both the final call recipient’s identity and the authorities of the SIP intermediaries that alter the request-URI. Especially when the caller does not know the final call recipient, simply giving his/her identity to the caller will not help the caller to decide the legitimacy of the call. Without a secure retarget mechanism, the end-to-end security of SIP cannot be guaranteed. This document proposes a security mechanism to provide the caller with credentials of SIP intermediaries that retarget a request and the final recipient’s identity through response.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)