draft-ietf-sipcore-digest-scheme-06.txt | draft-ietf-sipcore-digest-scheme-07.txt | |||
---|---|---|---|---|
SIP Core R. Shekh-Yusef | SIP Core R. Shekh-Yusef | |||
Internet-Draft Avaya | Internet-Draft Avaya | |||
Updates: 3261 (if approved) July 2, 2019 | Updates: 3261 (if approved) July 3, 2019 | |||
Intended status: Standards Track | Intended status: Standards Track | |||
Expires: January 3, 2020 | Expires: January 4, 2020 | |||
The Session Initiation Protocol (SIP) Digest Authentication Scheme | The Session Initiation Protocol (SIP) Digest Authentication Scheme | |||
draft-ietf-sipcore-digest-scheme-06 | draft-ietf-sipcore-digest-scheme-07 | |||
Abstract | Abstract | |||
This document updates [RFC3261] by updating the Digest Access | This document updates [RFC3261] by updating the Digest Access | |||
Authentication scheme used by the Session Initiation Protocol (SIP) | Authentication scheme used by the Session Initiation Protocol (SIP) | |||
to add support for more secure digest algorithms, e.g. SHA-256 and | to add support for more secure digest algorithms, e.g. SHA-256 and | |||
SHA-512-256, to replace the broken MD5 algorithm, which might be used | SHA-512-256, to replace the broken MD5 algorithm, which might be used | |||
for backward compatibility reasons only. | for backward compatibility reasons only. | |||
Status of This Memo | Status of This Memo | |||
skipping to change at page 1, line 35 ¶ | skipping to change at page 1, line 35 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on January 3, 2020. | This Internet-Draft will expire on January 4, 2020. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 5, line 48 ¶ | skipping to change at page 5, line 48 ¶ | |||
response it MUST maintain the order of these header fields. The | response it MUST maintain the order of these header fields. The | |||
ordering of the header field values from the various proxies is not | ordering of the header field values from the various proxies is not | |||
significant. | significant. | |||
2.6. HTTP Digest Authentication Scheme Modifications | 2.6. HTTP Digest Authentication Scheme Modifications | |||
This section describes the modifications and clarifications required | This section describes the modifications and clarifications required | |||
to apply the HTTP Digest authentication scheme to SIP. The SIP | to apply the HTTP Digest authentication scheme to SIP. The SIP | |||
scheme usage is similar to that for HTTP. For completeness, the | scheme usage is similar to that for HTTP. For completeness, the | |||
bullets specified below are mostly copied from section 22.4 of | bullets specified below are mostly copied from section 22.4 of | |||
[RFC3261]; the only semantic changes are specified in bullets 7 and 8 | [RFC3261]; the only semantic changes are specified in bullets 1, 7, | |||
below. | and 8 below. | |||
SIP clients and servers MUST NOT accept or request Basic | SIP clients and servers MUST NOT accept or request Basic | |||
authentication. | authentication. | |||
The rules for Digest authentication follow those defined in HTTP, | The rules for Digest authentication follow those defined in HTTP, | |||
with "HTTP/1.1" [RFC7616] replaced by "SIP/2.0" in addition to the | with "HTTP/1.1" [RFC7616] replaced by "SIP/2.0" in addition to the | |||
following differences: | following differences: | |||
1. The URI included in the challenge has the following BNF: | 1. The URI included in the challenge has the following BNF: | |||
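Review bot: the revised introduction to section 2.6 now names bullets 1, 7, and 8 as the only semantic changes, but it still does not say what each change is, so an implementer has to compare every item against section 22.4 of [RFC3261] by hand to find the delta. Consider adding one clause per changed item stating what differs, or marking the changed items in place. The list is also numbered ("1. The URI included in the challenge ..."), so "items 1, 7, and 8" would be more precise than "bullets".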
skipping to change at page 8, line 22 ¶ | skipping to change at page 8, line 22 ¶ | |||
in the future. This document specifies that algorithms defined in | in the future. This document specifies that algorithms defined in | |||
that registry may be used in SIP digest authentication. | that registry may be used in SIP digest authentication. | |||
This document has no actions for IANA. | This document has no actions for IANA. | |||
5. Acknowledgments | 5. Acknowledgments | |||
The author would like to thank the following individuals for their | The author would like to thank the following individuals for their | |||
careful reviews, comments, and suggestions: Paul Kyzivat, Olle | careful reviews, comments, and suggestions: Paul Kyzivat, Olle | |||
Johansson, Dale Worley, Michael Procter, Inaki Baz Castillo, Tolga | Johansson, Dale Worley, Michael Procter, Inaki Baz Castillo, Tolga | |||
Asveren, Christer Holmberg, and Brian Rosen. | Asveren, Christer Holmberg, Brian Rosen, and Jean Mahoney. | |||
6. References | 6. References | |||
6.1. Normative References | 6.1. Normative References | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, H., Johnston, | [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, H., Johnston, | |||
A., Peterson, J., Sparks, R., Handley, M., and E. | A., Peterson, J., Sparks, R., Handley, M., and E. | |||
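Review bot: in the IANA text at the top of this block, "algorithms defined in that registry may be used in SIP digest authentication" uses a lowercase "may" although [RFC2119] is listed as a normative reference. If this is meant as a normative permission, write "MAY"; if it is only descriptive, reword it (for example "can be used") so implementers do not have to guess which was intended.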
End of changes. 6 change blocks. | ||||
7 lines changed or deleted | 7 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |