SIP Drafts: Security

Minutes from Pittsburgh IETF

SIP Extensions for Caller Identity and Privacy
W. Marshall et al.
November 2000.
This document describes two extensions to the Session Initiation Protocol (SIP). The extensions allow callers and callees to maintain their privacy in an environment where one or more proxies serve as intermediaries which can provide the identity of the parties either directly or indirectly. The extensions allow the parties to be identified either by name or by type, the latter of which can be used to identify some group of callers and callees.

Session setup with media authorization
L. Hamer, B. Gage
November 2000.
Current proposals dealing with authorization of media streams for multimedia services like IP telephony and video assume a pre- established relationship between elements of the network (e.g. session managers, edge routers, policy servers and end hosts). In some environments, however, such pre-established relationships may not exist either due to the complexity of creating these associations a priori (e.g. in a network with many elements), or due to the different business entities involved (e.g. service provider and access provider), or due to the dynamic nature of these associations (e.g. in a mobile environment). In this document, we describe scenarios where there is no pre- established relationship between entities and describe mechanisms for exchanging information between network elements in order to authorize the use of resources for a service and to co-ordinate actions between the session and bearer control planes.

SIP Extensions for Media Authorization
B. Marshall et al.
November 2000.
This document describes the need for call authorization and offers a mechanism for call authorization that can be used for admission control and against denial of service attacks.

Digest Authentication in SIP using RADIUS

Baruch Sterman
February 2001.
This document examines the proposal for a SIP extension to allow authentication of a user-agent through a proxy to a RADIUS server using CHAP put forward by Byerly and Williams [BYERLY]. An alternative method is offered which does not require any changes to the SIP protocol as defined in [SIP]. It also will not require any modification to the way RADIUS clients communicate with RADIUS Servers [RADIUS], although it will change the way some of the fields are interpreted by the RADIUS server.

SIP Authentication using CHAP-Password
B. Byerly, D. Williams
October 2000.
This document describes a proposed extension to SIP. This document proposes using an alternative SIP authentication mechanism for use in Proxy-Authorization or Authorization headers in order to support SIP client Authentication using backend RADIUS servers. The introduction of this extension would allow a SIP proxy (or called SIP client) to authenticate a SIP client using a backend RADIUS server.

Last updated by Henning Schulzrinne