The Session Initiation Protocol (SIP) Referred-By Mechanism
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, sip mailing list <firstname.lastname@example.org>, sip chair <email@example.com> Subject: Protocol Action: 'The SIP Referred-By Mechanism' to Proposed Standard The IESG has approved the following document: - 'The SIP Referred-By Mechanism ' <draft-ietf-sip-referredby-06.txt> as a Proposed Standard This document is the product of the Session Initiation Protocol Working Group. The IESG contact persons are Allison Mankin and Jon Peterson. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-sip-referredby-06.txt
Technical Summary The SIP REFER method provides a mechanism where one party (the referrer) gives a second party (the referee) an arbitrary URI to reference. If that URI is a SIP URI, the referee will send a SIP request, often an INVITE, to that URI (the refer target). This document extends the REFER method allowing the referrer to provide information about the REFER request to the refer target using the referee as an intermediary. This information includes the identity of the referrer and the URI to which the referrer referred. The mechanism utilizes S/MIME to help protect this information from a malicious intermediary. This protection is optional, but a recipient may refuse to accept a request unless it is present. The REFER method is specified in RFC 3515, which describes a general set of security considerations in addition to those particular to Referred-By. Working Group Summary The Working Group strongly supported the advancement of Referred-By, once it was split out of the REFER document into the present design. Protocol Quality There was a large amount of working group review of Referred-by, which resulted in its being split out of the original REFER method document and the development of this mechanism and the Authentication ID Body (under review at the same time) on which it depends. There were no dissenting comments during WG Last Call or IETF Last Call. The document was reviewed for the IESG by Allison Mankin.