Enhancements for Authenticated Identity Management in the Session Initiation Protocol
RFC 4474, “Enhancements for Authenticated Identity Management in the Session Initiation Protocol”, is a Proposed Standard document published in August 2006 by J. Peterson, C. Jennings. It has been obsoleted by RFC 8224 — refer to the newer document for the authoritative version. The canonical text is published by the RFC Editor.
Abstract
The existing security mechanisms in the Session Initiation Protocol (SIP) are inadequate for cryptographically assuring the identity of the end users that originate SIP requests, especially in an interdomain context. This document defines a mechanism for securely identifying originators of SIP messages. It does so by defining two new SIP header fields, Identity, for conveying a signature used for validating the identity, and Identity-Info, for conveying a reference to the certificate of the signer. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 4474 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 4473 Requirements for Internet Media Guides
- RFC 4475 Session Initiation Protocol Torture Test Messages
- RFC 4472 Operational Considerations and Issues with IPv6 DNS
- RFC 4476 Attribute Certificate Policies Extension
- RFC 4471 Derivation of DNS Name Predecessor and Successor
- RFC 4477 Dynamic Host Configuration Protocol : IPv4 and IPv6 Dual-Stack Issues
- RFC 4470 Minimally Covering NSEC Records and DNSSEC On-line Signing
- RFC 4478 Repeated Authentication in Internet Key Exchange Protocol