Folks,
At the last IETF it was mentioned that the proposal in draft-dotson-sip-mutual-auth-00 is not to be considered an essential correction. A new version that presents the proposal as an extension was uploaded sometime back: http://tools.ietf.org/id/draft-dotson-sip-mutual-auth-01.txt As a refresher, the I-D proposes the use of the Proxy-Authentication-Info header for Proxy-to-User authentication within SIP. This header allows for a UA to authenticate the proxy during Proxy-to-user authentication, thus enabling mutual authentication. This is similar to the currently specified use of Authentication-Info header for User-to-User authentication (and without the Proxy-Authentication-Info header, the two would be inconsistent). It also enables limited integrity protection, and for the proxy to provide additional details such as the nonce to use for future authentication responses (next nonce). We would request the WG to review the proposal and let us know if this can be considered as a potential item for the WG or, more importantly, if there are any objections (with reasons). (The original email made it through to SIPPING instead of SIP - :(.) Thanks! Sumanth, Stuart and Steve
_______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
