Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kumiko Ono ono.kumiko@lab.ntt.co.jp End-to-middle Security in SIP draft-ietf-sipping-e2m-sec-reqs-04 draft-ono-sipping-end2middle-security-03 Kumiko Ono.

Published byJosephine Lindsey Modified over 6 years ago

Similar presentations

Presentation on theme: "Kumiko Ono ono.kumiko@lab.ntt.co.jp End-to-middle Security in SIP draft-ietf-sipping-e2m-sec-reqs-04 draft-ono-sipping-end2middle-security-03 Kumiko Ono."— Presentation transcript:

1 Kumiko Ono ono.kumiko@lab.ntt.co.jp
End-to-middle Security in SIP draft-ietf-sipping-e2m-sec-reqs-04 draft-ono-sipping-end2middle-security-03 Kumiko Ono IETF61

2 draft-ietf-sipping-e2m-sec-reqs-04
Requirements draft-ietf-sipping-e2m-sec-reqs-04

3 Changes since 03 Section 2.1: Examples of Scenarios
Removed the text that overlapped with the scope of session policies Removed the text that described an illegal behavior of a proxy server

4 Changes since 03 (cont’d)
Section 4: Requirements for a Solution Added notes to describe the requirements met by session policies Added a note to describe the requirements met by an existing mechanism, digest authentication Changed "SHOULD" to "MAY“ REQ-CONF-4: It MAY allow a UA to request that the recipient UA disclose information to the proxy server, which requesting UA is disclosing the information to. The request itself SHOULD be secure. Added the conditions of the requirements. References Divided references to normative and informative.

5 In WG LC till Nov.20 Feedbacks are appreciated.

6 draft-ono-sipping-end2middle-security-03
Mechanism draft-ono-sipping-end2middle-security-03

7 Open Issue#1: Labeling the target body for “middle”
Option A-1. A new SIP header i.e.: “Proxy-Required-Body" Option A-2. A new parameter in a SIP header i.e.: "content-id" param in Route header Option B-1. A new MIME header     i.e.: "Content-Target" Option B-2. A new parameter in a MIME header i.e.: "required-entity" param in "Content-Disposition" My Proposal:

8 Open Issue#2: Notification with a new error code
Proxy should have a way to notify a UA about e2m security utilization in addition to using UAC driven method, such as session policy package. 1) When a proxy server needs to view an encrypted data sent by UAC, it requires end-to-middle confidentiality. An existing error code, "493 Undecipherable“ and target content type in Warning header 2) When a proxy server needs to validate the data integrity of the message, it requires end-to-middle integrity. 403? A new error code, such as "495 Signature required" and target content type in Warning header

9 Next Step Can we adopt this as a WG item?

Download ppt "Kumiko Ono ono.kumiko@lab.ntt.co.jp End-to-middle Security in SIP draft-ietf-sipping-e2m-sec-reqs-04 draft-ono-sipping-end2middle-security-03 Kumiko Ono."

Similar presentations

SIP-T Status Update Jon Peterson Level(3) Communications 49 th IETF.

SIP-T Status Update Jon Peterson Level(3) Communications 49 th IETF.
1 © 2001, Cisco Systems, Inc. All rights reserved. © 2004, Cisco Systems, Inc. All rights reserved. Location Conveyance in SIP draft-ietf-sipping-location-requirements-02.

1 © 2001, Cisco Systems, Inc. All rights reserved. © 2004, Cisco Systems, Inc. All rights reserved. Location Conveyance in SIP draft-ietf-sipping-location-requirements-02.
IM Delivery and Read Reports Hisham Khartabil

IM Delivery and Read Reports Hisham Khartabil
August 2, 2005SIPPING WG IETF 63 ETSI TISPAN ISDN simulation services Roland Jesske Denis Alexeitsev Miguel Garcia-Martin.

August 2, 2005SIPPING WG IETF 63 ETSI TISPAN ISDN simulation services Roland Jesske Denis Alexeitsev Miguel Garcia-Martin.
Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
www.dynamicsoft.com IM 2000 -- May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

IM May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
IETF 71 SIPPING WG meeting draft-ietf-sipping-pai-update-00.

IETF 71 SIPPING WG meeting draft-ietf-sipping-pai-update-00.
July 13, 2006SIPPING WG IETF 66Slide # 1 ETSI TISPAN call completion services (draft-poetzl-sipping-call-completion-00) Roland

July 13, 2006SIPPING WG IETF 66Slide # 1 ETSI TISPAN call completion services (draft-poetzl-sipping-call-completion-00) Roland
SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.

SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.
9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.

9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.
1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat 41546342 Supervisor: Dr. Rajan Shankaran.

1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat Supervisor: Dr. Rajan Shankaran.
E-mail Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.
1 SIPREC Recording Metadata format (draft-ram-siprec-metadata-format- 01) IETF-80 SIPREC MEETING R Parthasarathi On behalf of the team Team: Paul Kyzivat,

1 SIPREC Recording Metadata format (draft-ram-siprec-metadata-format- 01) IETF-80 SIPREC MEETING R Parthasarathi On behalf of the team Team: Paul Kyzivat,
Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.

Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.
Volker Hilt Bell Labs/Alcatel-Lucent SIP Overload Control IETF Design Team Status.

Volker Hilt Bell Labs/Alcatel-Lucent SIP Overload Control IETF Design Team Status.
0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.

0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
Cullen Jennings Certificate Directory for SIP.

Cullen Jennings Certificate Directory for SIP.
SIP Digest Access Authentication Rifaat Shekh-Yusef IETF 89, SIPCore WG, London March 6, 2014 1Rifaat Shekh-Yusef - SIP Digest Auth.

SIP Digest Access Authentication Rifaat Shekh-Yusef IETF 89, SIPCore WG, London March 6, Rifaat Shekh-Yusef - SIP Digest Auth.
1 SIPREC draft-ietf-siprec-architecture-00 An Architecture for Media Recording using SIP IETF SIPREC INTERIM – Sept 28 th 2010 Andrew Hutton.

1 SIPREC draft-ietf-siprec-architecture-00 An Architecture for Media Recording using SIP IETF SIPREC INTERIM – Sept 28 th 2010 Andrew Hutton.
1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential Issues with HTTP Authentication for SIP Hisham Khartabil SIP WG IETF 59, Seoul.

1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential Issues with HTTP Authentication for SIP Hisham Khartabil SIP WG IETF 59, Seoul.

Similar presentations

Ads by Google