Re: [sip-ops] [dispatch] draft-lawrence-sip-3rd-party-authorization-00

"Mary Barnes" <mary.barnes@nortel.com> Thu, 11 June 2009 13:45 UTC

Return-Path: <mary.barnes@nortel.com>
X-Original-To: sip-ops@core3.amsl.com
Delivered-To: sip-ops@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4ABBA3A6AFA; Thu, 11 Jun 2009 06:45:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.585
X-Spam-Level:
X-Spam-Status: No, score=-6.585 tagged_above=-999 required=5 tests=[AWL=0.014, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jxKHEKobPHui; Thu, 11 Jun 2009 06:45:11 -0700 (PDT)
Received: from zcars04e.nortel.com (zcars04e.nortel.com [47.129.242.56]) by core3.amsl.com (Postfix) with ESMTP id 2A0493A693C; Thu, 11 Jun 2009 06:45:11 -0700 (PDT)
Received: from zrc2hxm0.corp.nortel.com (zrc2hxm0.corp.nortel.com [47.103.123.71]) by zcars04e.nortel.com (Switch-2.2.0/Switch-2.2.0) with ESMTP id n5BDhs307375; Thu, 11 Jun 2009 13:43:55 GMT
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 11 Jun 2009 08:47:43 -0500
Message-ID: <1ECE0EB50388174790F9694F77522CCF1E727FEF@zrc2hxm0.corp.nortel.com>
In-Reply-To: <1241379400.3528.50.camel@scott>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [dispatch] draft-lawrence-sip-3rd-party-authorization-00
Thread-Index: AcnMJo0K7J8DEyoPR4Wk1evGXxhUVAedGCrQ
References: <1241379400.3528.50.camel@scott>
From: "Mary Barnes" <mary.barnes@nortel.com>
To: "RAI DISPATCH" <dispatch@ietf.org>
Cc: SIP Operations <sip-ops@ietf.org>
Subject: Re: [sip-ops] [dispatch] draft-lawrence-sip-3rd-party-authorization-00
X-BeenThere: sip-ops@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Operations <sip-ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip-ops>, <mailto:sip-ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-ops>
List-Post: <mailto:sip-ops@ietf.org>
List-Help: <mailto:sip-ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-ops>, <mailto:sip-ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jun 2009 13:45:12 -0000

Hi folks,

There seems to be sufficient interest in this topic to warrant f2f
agenda time in Stockholm. However, additional feedback prior to IETF-75
is necessary to ensure that progress can be made in Stockholm. 

Thanks,
Mary. 
DISPATCH WG co-chair

-----Original Message-----
From: dispatch-bounces@ietf.org [mailto:dispatch-bounces@ietf.org] On
Behalf Of Lawrence, Scott (BL60:9D30)
Sent: Sunday, May 03, 2009 2:37 PM
To: RAI DISPATCH
Cc: SIP Operations
Subject: [dispatch] draft-lawrence-sip-3rd-party-authorization-00

draft-lawrence-sip-3rd-party-authorization-00.txt has been submitted by
Scott Lawrence and posted to the IETF repository.

Filename:	 draft-lawrence-sip-3rd-party-authorization
Revision:	 00
Title:		 Third Party Authorization in the Session Initiation
Protocol
Creation_date:	 2009-05-03
WG ID:		 Independent Submission
Number_of_pages: 15

Abstract:
        This draft describes some circumstances that are common in SIP
        deployments which lack a rigorous authorization model, and
points out
        some ways in which this has resulted in poor security
        characteristics.
        
        The purpose of this document is to stimulate discussion of the
        identified problem and proposed requirements for any solution.

In this draft, I lay out a case for why SIP would benefit from an
authorization model that allows for one party to send a request to a
second party who must decide whether or not to allow the request, but
have a third party provide an explicit authorization in the request.
The goal is to allow separation of the evaluation of a request with
respect to a security policy from other parts of responding to the
request.

I _do_not_ include any discussion in this draft of _how_ the
requirements it lists could or should be met.  While I'm very interested
in that discussion, I think it's important to first discover whether or
not there is agreement in the SIP community that there really is a
problem and what part or parts of that problem need to be solved; this
draft is focused on that discussion.



_______________________________________________
dispatch mailing list
dispatch@ietf.org
https://www.ietf.org/mailman/listinfo/dispatch