[SIPForum-discussion] End-to-End Authentication Using SIP

• Previous message: [SIPForum-discussion] End-to-End Authentication Using SIP
• Next message: [SIPForum-discussion] 30% Savings on All Conference Packages for SIP Forum Members
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi, 

I am not sure if I understood this clearly.
What I can understand is in a call scenario explained below, user A
wants to authenticate if it is contacting the right proxy or not?
Please correct me if this is wrong.

User A------------Proxy ------------User B

Now considering above scenario User A will contact the proxy using the
preconfigured outbound proxy or Route header. So at transport level we
need to ensure that the proxy we are contacting is correct or not.
Currently TLS is the mechanism where we can identify if the far end is
the trusted endpoint or not. Considering the Authentication, I don't
thin there is any RFC right now in this regard, if someone in the group
has any idea on the same, please let me know as well.


Bust considering the need, it is more important to Authenticate the
user(Client) as user moves across machines and hence authentication is
required.

Regards
Sunil Verma


-----Original Message-----
From: discussion-bounces at sipforum.org
[mailto:discussion-bounces at sipforum.org] On Behalf Of Couret Tabt
Sent: Wednesday, January 20, 2010 8:00 PM
To: discussion at sipforum.org
Subject: [SIPForum-discussion] End-to-End Authentication Using SIP

Dear folks,

SIP has some mechanisms for hop by hop authentication.
For example,
REGISTER has user-sip server (e.g.registrar) authentication
mechanism and INVITE has sender-proxy authentication
mechanism in RFC3261.
In  RFC4474, we have the authentication mechanism
that a receiver(or receiver side proxy) authenticate a sender
using PKI system that has a sender side(usually sender
side proxy has it).

Then do you know how a receiver side proxy authenticate
a right receiver(that is NOT spoofed) and vice versa?

If it is possible, as a result, we make end-to-end
authentication in SIP, I think.

If you know any way or documents (proceedings, papers,...)
written about it, please let me know.

Thanks,
Tabt
_______________________________________________
This is the SIP Forum discussion mailing list
TO UNSUBSCRIBE, or edit your delivery options, please visit
http://sipforum.org/mailman/listinfo/discussion
Post to the list at discussion at sipforum.org

• Previous message: [SIPForum-discussion] End-to-End Authentication Using SIP
• Next message: [SIPForum-discussion] 30% Savings on All Conference Packages for SIP Forum Members
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]