[dispatch] SASL Authentication for SIP
Rick van Rein <rick@openfortress.nl> Sat, 15 October 2022 19:53 UTC
Return-Path: <vanrein@vanrein.org>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12EBAC14F736 for <dispatch@ietfa.amsl.com>; Sat, 15 Oct 2022 12:53:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.648
X-Spam-Level:
X-Spam-Status: No, score=-6.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_TEMPERROR=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=kpnmail.nl
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NE5_PqK6-6Cm for <dispatch@ietfa.amsl.com>; Sat, 15 Oct 2022 12:53:36 -0700 (PDT)
Received: from ewsoutbound.kpnmail.nl (ewsoutbound.kpnmail.nl [195.121.94.167]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23A93C14F730 for <dispatch@ietf.org>; Sat, 15 Oct 2022 12:53:18 -0700 (PDT)
X-KPN-MessageId: f8b1e8aa-4cc2-11ed-a5a6-005056abbe64
Received: from smtp.kpnmail.nl (unknown [10.31.155.38]) by ewsoutbound.so.kpn.org (Halon) with ESMTPS id f8b1e8aa-4cc2-11ed-a5a6-005056abbe64; Sat, 15 Oct 2022 21:52:59 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kpnmail.nl; s=kpnmail01; h=content-type:mime-version:message-id:subject:to:from:date; bh=6G/CWps7kRMiprAB8Z/JIc1fqytqBEMNj2rK0ymb0h4=; b=cM+9eDxhp3dgdYb2/GwA4K/8WRbAE/76hWP2aQzI9flKeStvG4PfVpBJxPDruCZyn3A1ut5xO95DI B5U4lpg/IHwyrxde9cp5yjabIyXl1QNod2FaZNG4NK90ioXpSnDad4CbFITi2L9dgTeLtZ1+XkEKhf vHivcjsFTcXzlFW8=
X-KPN-MID: 33|QBE0Sz/uendMzoDF7XIEL5/oY0khPdbuz0HqGOkGZd+E2OmbfNfk1yfDnZlRyFn DYZnNmchp4qRFcYAuKGRMXEi/9V5pvUYpHJjHTdfZ2uo=
X-KPN-VerifiedSender: No
X-CMASSUN: 33|KjNFBqUm1DQmiDYB5KZKbKIiJRqHrxZrBAQXuTHfL/q+KQMkLjw7qzQEDPdAciG Tj16Czs/A4pxWkATFDbv9xQ==
X-Originating-IP: 77.173.183.203
Received: from fame.vanrein.org (77-173-183-203.fixed.kpn.net [77.173.183.203]) by smtp.xs4all.nl (Halon) with ESMTPSA id 01f906f8-4cc3-11ed-b5e8-005056abf0db; Sat, 15 Oct 2022 21:53:15 +0200 (CEST)
Received: by fame.vanrein.org (Postfix, from userid 1000) id 4D93F29A20; Sat, 15 Oct 2022 19:53:15 +0000 (UTC)
Date: Sat, 15 Oct 2022 19:53:15 +0000
From: Rick van Rein <rick@openfortress.nl>
To: dispatch@ietf.org
Message-ID: <20221015195315.GA11346@openfortress.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-06-14)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/b_bp4zjWOnTuykf85NfIV8DGHrs>
Subject: [dispatch] SASL Authentication for SIP
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Oct 2022 19:53:44 -0000
Hello, Please take the following draft into consideration for dispatch. Although SASL is a security mechanism, this is predominently a matter of embedding it into a host protocol's authentication framework. I therefore suspect that it belongs in sipcore or asap? FYI, my previous work on HTTP-SASL got routed to HTTPbis with the same reasoning. I proposed this at sipcore, but was asked to present it here first. I will be in London and, if so desired, could present on this. Not sure if that is the [nf]orm though. Thanks, -Rick ----- 8< -------- 8< -------- 8< -------- 8< -------- 8< ----- A new version of I-D, draft-vanrein-sipauth-sasl-01.txt has been successfully submitted by Rick van Rein and posted to the IETF repository. Name: draft-vanrein-sipauth-sasl Revision: 01 Title: SASL Authentication for SIP Document date: 2022-10-14 Group: Individual Submission Pages: 13 URL: https://www.ietf.org/archive/id/draft-vanrein-sipauth-sasl-01.txt Status: https://datatracker.ietf.org/doc/draft-vanrein-sipauth-sasl/ Htmlized: https://datatracker.ietf.org/doc/html/draft-vanrein-sipauth-sasl Diff: https://www.ietf.org/rfcdiff?url2=draft-vanrein-sipauth-sasl-01 Abstract: Many protocols benefit from "pluggable" authentication choice as a result of SASL authentication. In the Session Initiation Protocol, the independent branch of HTTP Authentication has been elected. Recent progress has been made in bringing SASL to HTTP, but SIP has its own special considerations and needs its own embedding to gain the flexibility of SASL.
- [dispatch] SASL Authentication for SIP Rick van Rein
- Re: [dispatch] SASL Authentication for SIP Eric Rescorla
- Re: [dispatch] SASL Authentication for SIP Rick van Rein
- Re: [dispatch] SASL Authentication for SIP Eric Rescorla
- Re: [dispatch] SASL Authentication for SIP Rick van Rein
- Re: [dispatch] SASL Authentication for SIP Eric Rescorla
- Re: [dispatch] SASL Authentication for SIP Rick van Rein
- Re: [dispatch] SASL Authentication for SIP Eric Rescorla