End-to-middle Security in SIP draft-ietf-sipping-e2m-sec-reqs-04 draft-ono-sipping-end2middle-security-03

About This Presentation
Slides: 10
Provided by: Kumik3
Learn more at: https://www.ietf.org

Transcript and Presenter's Notes



1
End-to-middle Security in SIP
draft-ietf-sipping-e2m-sec-reqs-04
draft-ono-sipping-end2middle-security-03
  • Kumiko Ono
  • ono.kumiko_at_lab.ntt.co.jp

IETF61
2
Requirements
  • draft-ietf-sipping-e2m-sec-reqs-04

3
Changes since 03
  • Section 2.1 Examples of Scenarios
  • Removed the text that overlapped with the scope
    of session policies
  • Removed the text that described an illegal
    behavior of a proxy server

4
Changes since 03 (contd)
  • Section 4 Requirements for a Solution
  • Added notes to describe the requirements met by
    session policies
  • Added a note to describe the requirements met by
    an existing mechanism, digest authentication
  • Changed "SHOULD" to "MAY"
  • REQ-CONF-4: It MAY allow a UA to request that
    the recipient UA disclose information to the
    proxy server, which requesting UA is disclosing
    the information to. The request itself SHOULD be
    secure.
  • Added the conditions of the requirements.
  • References
  • Divided references into normative and informative.

5
  • In WG LC until Nov. 20
  • Feedback is appreciated.

6
Mechanism
  • draft-ono-sipping-end2middle-security-03

7
Open Issue 1: Labeling the target body for middle
  • Option A-1. A new SIP header
  • i.e. "Proxy-Required-Body"
  • Option A-2. A new parameter in a SIP header
  • i.e. "content-id" param in Route header
  • Option B-1. A new MIME header
  • i.e. "Content-Target"
  • Option B-2. A new parameter in a MIME header
  • i.e. "required-entity" param in "Content-Disposition"
  • My Proposal
  • Option A-1. A new SIP header

8
Open Issue 2: Notification with a new error code
  • A proxy should have a way to notify a UA about e2m
    security utilization in addition to using a UAC-driven
    method, such as the session policy package.
  • 1) When a proxy server needs to view encrypted
    data sent by the UAC, it requires end-to-middle
    confidentiality.
  • An existing error code, "493 Undecipherable", and
    target content type in Warning header
  • 2) When a proxy server needs to validate the data
    integrity of the message, it requires
    end-to-middle integrity.
  • 403?
  • A new error code, such as "495 Signature
    required" and target content type in Warning
    header

9
Next Step
  • Can we adopt this as a WG item?