Authenticated Identity Management in the Session Initiation Protocol
RFC 8224, “Authenticated Identity Management in the Session Initiation Protocol”, is a Proposed Standard document published in February 2018 by J. Peterson, C. Jennings, E. Rescorla, C. Wendt. It obsoletes RFC 4474. It has since been updated by RFC 8946. The canonical text is published by the RFC Editor.
Abstract
The baseline security mechanisms in the Session Initiation Protocol (SIP) are inadequate for cryptographically assuring the identity of the end users that originate SIP requests, especially in an interdomain context. This document defines a mechanism for securely identifying originators of SIP requests. It does so by defining a SIP header field for conveying a signature used for validating the identity and for conveying a reference to the credentials of the signer.
This document obsoletes RFC 4474.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8224 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8225 PASSporT: Personal Assertion Token
- RFC 8226 Secure Telephone Identity Credentials: Certificates
- RFC 8278 Mobile Access Gateway Multipath Options
- RFC 8289 Controlled Delay Active Queue Management
- RFC 8290 The Flow Queue CoDel Packet Scheduler and Active Queue Management Algorithm
- RFC 8293 A Framework for Multicast in Network Virtualization over Layer 3
- RFC 8295 EST Extensions
- RFC 8296 Encapsulation for Bit Index Explicit Replication in MPLS and Non-MPLS Networks