[Sip] new version: Security Mechanism Agreement for SIP Sessions
"Vesa Torvinen (LMF)" <Vesa.Torvinen@lmf.ericsson.se> Tue, 23 April 2002 09:15 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id FAA09750 for <sip-archive@odin.ietf.org>; Tue, 23 Apr 2002 05:15:08 -0400 (EDT)
Received: (from daemon@localhost) by optimus.ietf.org (8.9.1a/8.9.1) id FAA10897 for sip-archive@odin.ietf.org; Tue, 23 Apr 2002 05:15:12 -0400 (EDT)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id EAA08956; Tue, 23 Apr 2002 04:35:22 -0400 (EDT)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id EAA08923 for <sip@optimus.ietf.org>; Tue, 23 Apr 2002 04:35:19 -0400 (EDT)
Received: from albatross.wise.edt.ericsson.se (albatross-ext.wise.edt.ericsson.se [193.180.251.49]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA09363 for <sip@ietf.org>; Tue, 23 Apr 2002 04:35:14 -0400 (EDT)
Received: from esealnt462.al.sw.ericsson.se (ESEALNT462.al.sw.ericsson.se [153.88.251.62]) by albatross.wise.edt.ericsson.se (8.12.1/8.12.1/WIREfire-1.4) with SMTP id g3N8ZG0E024513 for <sip@ietf.org>; Tue, 23 Apr 2002 10:35:16 +0200 (MEST)
Received: FROM esealnt400.al.sw.ericsson.se BY esealnt462.al.sw.ericsson.se ; Tue Apr 23 10:35:15 2002 +0200
Received: by esealnt400 with Internet Mail Service (5.5.2653.19) id <2JBTT30T>; Tue, 23 Apr 2002 10:35:14 +0200
Message-ID: <29F33B0CF787D51195FC0002A56B3DC10101B7E9@efijont103>
From: "Vesa Torvinen (LMF)" <Vesa.Torvinen@lmf.ericsson.se>
To: sip@ietf.org
Date: Tue, 23 Apr 2002 10:35:04 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Subject: [Sip] new version: Security Mechanism Agreement for SIP Sessions
Sender: sip-admin@ietf.org
Errors-To: sip-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Session Initiation Protocol <sip.ietf.org>
X-BeenThere: sip@ietf.org
Hi, We have submitted a new version of SIP Security Agreement draft (ex draft-arkko-sip-sec-agree-01, now draft-ietf-sip-sec-agree-00). We have changed quite many details in the draft (including the syntax, usage of option tags, etc), and added more text on behaviors expected from SIP entities using the extension. We hope this version will now better fulfill the needs of both IETF and 3GPP. If you want to see the draft before it is officially available, go to: http://standards.ericsson.net/sip/drafts/draft-ietf-sip-sec-agree-00.txt The abstract of the draft: SIP has a number of security mechanisms for hop-by-hop and end-to-end protection. Some of the security mechanisms have been built in to the SIP protocol, such as HTTP authentication or secure attachments. In these mechanisms there are even alternative algorithms and parameters. Currently it isn't possible to select which security mechanisms to use over a connection. In particular, even if some mechanisms such as OPTIONS were used to make this selection, the selection would be vul nerable against the Bidding-Down attack. This document defines a header for negotiating the security mechanisms within SIP. A SIP entity applying this mechanism must always require some minimum secu rity (i.e. integrity protection) from all communicating parties in order to secure the negotiation, but the negotiation can agree on which specific minimum security is used. All comments are most welcome! Vesa _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors@cs.columbia.edu for questions on current sip Use sipping@ietf.org for new developments on the application of sip
- [Sip] new version: Security Mechanism Agreement f… Vesa Torvinen (LMF)