Sorry, I had missed this going by until someone pointed it out ... Basically, I would support this work in SIP WG, which does seem like the right place at least for requirements (can see where it goes next from there).
> So can I hear opinions of the WG on: > > - whether this represents a problem space that the working group > should draft requirements on? SIP WG seems like as good a place as any, at least for requirements. > > - whether the problem space exists but is something slightly > different, and if so what is that problem space? Yes, the problem space exists. > > - whether there is a more general problem that the security area > should be addressing, rather than the SIP group addressing something > specific? Develop the *requirements* first, then ask this question. A worthy question for this list would be whether the requirements should expand to use cases beyond Registrar interactions (e.g to Invite, Subscribe/Notify, or to streaming uses, etc). Of course, the Security Area should be involved regardless, esp at solution time. > > - based on your answers to the first three questions, whether this > draft is essentially in the right direction to be adopted as the WG > draft assuming we create the charter item, or whether we need to seek > some other input draft? I believe it is close, modulo wondering about expansion beyond Register as above. (Could dicker over details...) > > - and finally, whether (assuming we go ahead with this work) there > is any work in any other IETF WG that we should take account of? Dunno. -- Peter Blatherwick -----Original Message----- From: DRAGE, Keith (Keith) [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 13, 2007 9:58 AM To: IETF SIP List Subject: [Sip] Certificate authentication in SIP (As WG chair) http://www.ietf.org/internet-drafts/draft-dotson-sip-certificate-auth-03 .txt Describes a set of requirements for: This document defines requirements for adding certificate authentication to the Session Initiation Protocol (SIP). This document is being presented with the intention of providing clear requirements to any potential solutions specifying certificate authentication within SIP networks. Supporting certificate authentication in SIP would provide strong authentication and increase the types of possible deployment scenarios. (Before we go any further, please forget all about the solutions document - that comes later and we are not dealing with it now) We need to decide whether there is support for a body of work in this area, and therefore whether we should charter some requirements work in the SIP WG. (Because this is security related we have agreed that SIP does the requirements drafting and not SIPPING) So can I hear opinions of the WG on: - whether this represents a problem space that the working group should draft requirements on? - whether the problem space exists but is something slightly different, and if so what is that problem space? - whether there is a more general problem that the security area should be addressing, rather than the SIP group addressing something specific? - based on your answers to the first three questions, whether this draft is essentially in the right direction to be adopted as the WG draft assuming we create the charter item, or whether we need to seek some other input draft? - and finally, whether (assuming we go ahead with this work) there is any work in any other IETF WG that we should take account of? Regards Keith Regards Keith _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors at cs.columbia.edu for questions on current sip Use sipping at ietf.org for new developments on the application of sip
_______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
