Paul, I am still interpreting the requirements, but at this time the security will move both signaling and RTP stream into a secured tunnel. So both UAs must make the jump at the same time. The keys will be defined at the UA level.
Thanks, Todd -----Original Message----- From: Paul Kyzivat [mailto:[EMAIL PROTECTED] Sent: Monday, 28 April, 2008 2:13 PM To: Binns, Todd D @ HENSCHEL Cc: [email protected] Subject: Re: [Sip] Passing added call information in the SIP packet Todd, I don't recall if you said if/how the signaling is to be secured? If the initial call is without secure signaling then you presumably need to find a way to secure the signaling before exchanging keys for secure media. What do you have in mind here? Paul [EMAIL PROTECTED] wrote: > Hi, > Yes, it (security) does mean a lot to a lot of different people. > Thanks for all the responses. I am reading the different suggested RFC > & drafts. My question was more on how can one UA inform another UA that > it wants to make changes to their session/dialog. In my case the > security will be different, but I want to have one UA initiate the > secure call (change to session/dialog), and the other UA to confirm. As > stated I can use the X- header since both clients will be custom. Is > there any other defined way that 2 UA should have this conversation, is > it only defined in the RFC3264? (An offer/answer model with the session > description protocol) > > Thanks Again to everyone that made comments, > Todd > > -----Original Message----- > From: Dean Willis [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 23 April, 2008 11:24 PM > To: Binns, Todd D @ HENSCHEL > Cc: [email protected] > Subject: Re: [Sip] Passing added call information in the SIP packet > > > On Apr 23, 2008, at 12:29 PM, [EMAIL PROTECTED] wrote: > >> Hi, >> I have been an user of SIP for a while, but never got into the >> need to extend it. I have tried to do an extensive research to see >> if there are any draft or RFC that handles the requirements that I >> am requested to do. Here is the scenario that I am trying to fulfill. >> >> A UA (custom hardware/software) wants to place or change the call >> into a secure call. It notifies the other participant by an INVITE >> or NOTIFY and both UA agree on the change and the details of the >> security. There are several different method of securing the call, >> and that would be included in the parameter passed between the UA. >> If this is not possible is there a way to embed the parameters into >> the header of the INVITE or NOTIFY so at least both UA know of the >> request? >> > > What do you mean, "secured call"? This term means many different > things to even more different people. > > You might look at: > > http://www.ietf.org/internet-drafts/draft-ietf-sip-sips-08.txt > > which has completed working group last call and I'm about to send to > the IESG, and at: > > http://www.ietf.org/internet-drafts/draft-ietf-sip-media-security-requir > ements-04.txt > > and > > http://www.ietf.org/internet-drafts/draft-ietf-sip-dtls-srtp-framework-0 > 1.txt > > which, if I recall aright, are currently in working group last call. > > -- > Dean > > > _______________________________________________ > Sip mailing list https://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use [EMAIL PROTECTED] for questions on current sip > Use [EMAIL PROTECTED] for new developments on the application of sip > _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
