> - whether this represents a problem space that the working group > should draft requirements on?
Yes; it is desirable and useful to provide an authentication mechanism that uses certificates to authenticate a registrar to its UA and a SIP UA to its registrar, rather than the existing Digest mechanism that uses a shared secret between the UA and its registrar. > - whether the problem space exists but is something slightly > different, and if so what is that problem space? > > - whether there is a more general problem that the security area > should be addressing, rather than the SIP group addressing something > specific? I expect you're referring to HTTP, as HTTP is where SIP derived its Digest authentication from. I don't believe HTTP has any need or interest in using certificates for client authentication; however, as you know, there is some interest in considering how HTTP's authentication can be 'fixed' (modernized). > - based on your answers to the first three questions, whether this > draft is essentially in the right direction to be adopted as the WG > draft assuming we create the charter item, or whether we need to seek > some other input draft? draft-dotson-sip-certificate-auth-03 seems suitable in capturing requirements. > - and finally, whether (assuming we go ahead with this work) there > is any work in any other IETF WG that we should take account of? During the discussion of the HTTPbis BoF, http://lists.w3.org/Archives/Public/ietf-http-wg there were some people that suggested RFC2617 (which defines HTTP's Basic and Digest authentication) also be revised. This may have some bearing on SIP, if it is decided that HTTPbis's charter will include a revision of RFC2617. -d > Regards > > Keith > > > > Regards > > Keith > > > _______________________________________________ > Sip mailing list https://www1.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use [EMAIL PROTECTED] for questions on current sip > Use [EMAIL PROTECTED] for new developments on the application of sip > _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
