IETF Logo Mail Archive

RE: AW: [Sipping] FYI: RADIUS & SIP

"Beck01, Wolfgang" <BeckW@t-systems.com> Thu, 31 July 2003 07:01 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA13937 for <sipping-archive@odin.ietf.org>; Thu, 31 Jul 2003 03:01:36 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19i7R0-00009S-8U for sipping-archive@odin.ietf.org; Thu, 31 Jul 2003 03:01:10 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h6V71AcB000576 for sipping-archive@odin.ietf.org; Thu, 31 Jul 2003 03:01:10 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19i7R0-00009D-3c for sipping-web-archive@optimus.ietf.org; Thu, 31 Jul 2003 03:01:10 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA13927 for <sipping-web-archive@ietf.org>; Thu, 31 Jul 2003 03:01:05 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19i7Qw-0000Dh-00 for sipping-web-archive@ietf.org; Thu, 31 Jul 2003 03:01:06 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19i7Qv-0000De-00 for sipping-web-archive@ietf.org; Thu, 31 Jul 2003 03:01:05 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19i7Qs-00008D-U3; Thu, 31 Jul 2003 03:01:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19i7QZ-00007K-Et for sipping@optimus.ietf.org; Thu, 31 Jul 2003 03:00:43 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA13905 for <sipping@ietf.org>; Thu, 31 Jul 2003 03:00:38 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19i7QV-0000DL-00 for sipping@ietf.org; Thu, 31 Jul 2003 03:00:39 -0400
Received: from mail1.telekom.de ([62.225.183.202]) by ietf-mx with esmtp (Exim 4.12) id 19i7QU-0000D9-00 for sipping@ietf.org; Thu, 31 Jul 2003 03:00:38 -0400
Received: from g9jbr.mgb01.telekom.de by G8SBV.dmz.telekom.de with ESMTP for sipping@ietf.org; Thu, 31 Jul 2003 09:00:08 +0200
Received: by G9JBR.mgb01.telekom.de with Internet Mail Service (5.5.2653.19) id <PY6TY41F>; Thu, 31 Jul 2003 09:00:05 +0200
Message-Id: <ADD42C8394EBD4118A3D0003470C18F00950F3C6@G9JJT.mgb01.telekom.de>
From: "Beck01, Wolfgang" <BeckW@t-systems.com>
To: sipping@ietf.org
Subject: RE: AW: [Sipping] FYI: RADIUS & SIP
Date: Thu, 31 Jul 2003 09:00:03 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Sender: sipping-admin@ietf.org
Errors-To: sipping-admin@ietf.org
X-BeenThere: sipping@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
List-Id: SIPPING Working Group (applications of SIP) <sipping.ietf.org>
List-Post: <mailto:sipping@ietf.org>
List-Help: <mailto:sipping-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>


> The utility of SIM cards has been recognized for Internet-side 
> authentication like EAP-SIM based WLAN roaming, in particular 
> as there is an existing billing and authentication machinery
> which one can plug into from the Internet side. However, SIM
> cards could also be used in a strictly Internet-only service
> provider context as well.

Having something like SIM cards in SIP phones is a good idea.
However, the GSM SIM card security mechanisms are obscure and
have been broken. The flaws are not a show stopper for GSM,
but I doubt that is a good idea to reuse broken algorithms.

> Plus, SIM-based authentication could be used as a bootstrap
> mechanism for X.509 certficate distribution and therefore for
> TLS mutual authentication.
> 
I support this, but I fear ISIMs will be cheaper as they are
already standardized and will be promoted by the UMTS providers.

> There is a draft for SIP authentication with Authentication and Key 
> Agreement (AKA, 
> http://www.ietf.org/internet-drafts/draft-torvinen-http-digest-aka-v2-00.txt
you mean informational RfC 3310?

--
Wolfgang Beck
T-Systems Nova GmbH 

_______________________________________________
Sipping mailing list  https://www1.ietf.org/mailman/listinfo/sipping
This list is for NEW development of the application of SIP
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sip@ietf.org for new developments of core SIP

v2.23.0 | Report a Bug | By Email