draft-ietf-sipcore-digest-scheme-09.txt		draft-ietf-sipcore-digest-scheme-10.txt
	SIP Core R. Shekh-Yusef		SIP Core R. Shekh-Yusef
	Internet-Draft Avaya		Internet-Draft Avaya
	Updates: 3261 (if approved) September 16, 2019		Updates: 3261 (if approved) September 18, 2019
	Intended status: Standards Track		Intended status: Standards Track
	Expires: March 19, 2020		Expires: March 21, 2020
	The Session Initiation Protocol (SIP) Digest Authentication Scheme		The Session Initiation Protocol (SIP) Digest Authentication Scheme
	draft-ietf-sipcore-digest-scheme-09		draft-ietf-sipcore-digest-scheme-10
	Abstract		Abstract
	This document updates RFC 3261 by updating the Digest Access		This document updates RFC 3261 by updating the Digest Access
	Authentication scheme used by the Session Initiation Protocol (SIP)		Authentication scheme used by the Session Initiation Protocol (SIP)
	to add support for more secure digest algorithms, e.g. SHA-256 and		to add support for more secure digest algorithms, e.g. SHA-256 and
	SHA-512-256, to replace the broken MD5 algorithm, which might be used		SHA-512-256, to replace the broken MD5 algorithm, which might be used
	for backward compatibility reasons only.		for backward compatibility reasons only.
	Status of This Memo		Status of This Memo
	skipping to change at page 1, line 35 ¶		skipping to change at page 1, line 35 ¶
	Internet-Drafts are working documents of the Internet Engineering		Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF). Note that other groups may also distribute		Task Force (IETF). Note that other groups may also distribute
	working documents as Internet-Drafts. The list of current Internet-		working documents as Internet-Drafts. The list of current Internet-
	Drafts is at https://datatracker.ietf.org/drafts/current/.		Drafts is at https://datatracker.ietf.org/drafts/current/.
	Internet-Drafts are draft documents valid for a maximum of six months		Internet-Drafts are draft documents valid for a maximum of six months
	and may be updated, replaced, or obsoleted by other documents at any		and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference		time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."		material or to cite them other than as "work in progress."
	This Internet-Draft will expire on March 19, 2020.		This Internet-Draft will expire on March 21, 2020.
	Copyright Notice		Copyright Notice
	Copyright (c) 2019 IETF Trust and the persons identified as the		Copyright (c) 2019 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(https://trustee.ietf.org/license-info) in effect on the date of		(https://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	skipping to change at page 2, line 36 ¶		skipping to change at page 2, line 36 ¶
	2.3. UAS Behavior . . . . . . . . . . . . . . . . . . . . . . 4		2.3. UAS Behavior . . . . . . . . . . . . . . . . . . . . . . 4
	2.4. UAC Behavior . . . . . . . . . . . . . . . . . . . . . . 5		2.4. UAC Behavior . . . . . . . . . . . . . . . . . . . . . . 5
	2.5. Forking . . . . . . . . . . . . . . . . . . . . . . . . . 5		2.5. Forking . . . . . . . . . . . . . . . . . . . . . . . . . 5
	2.6. HTTP Digest Authentication Scheme Modifications . . . . . 5		2.6. HTTP Digest Authentication Scheme Modifications . . . . . 5
	2.7. Augmented BNF for SIP . . . . . . . . . . . . . . . . . . 7		2.7. Augmented BNF for SIP . . . . . . . . . . . . . . . . . . 7
	3. Security Considerations . . . . . . . . . . . . . . . . . . . 7		3. Security Considerations . . . . . . . . . . . . . . . . . . . 7
	4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8		4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
	5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8		5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8
	6. References . . . . . . . . . . . . . . . . . . . . . . . . . 8		6. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
	6.1. Normative References . . . . . . . . . . . . . . . . . . 8		6.1. Normative References . . . . . . . . . . . . . . . . . . 8
	6.2. Informative References . . . . . . . . . . . . . . . . . 8		6.2. Informative References . . . . . . . . . . . . . . . . . 9
	Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9		Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9
	1. Introduction		1. Introduction
	The Session Initiation Protocol [RFC3261] uses the same mechanism		The Session Initiation Protocol [RFC3261] uses the same mechanism
	that the Hypertext Transfer Protocol (HTTP) uses for authenticating		that the Hypertext Transfer Protocol (HTTP) uses for authenticating
	users. This mechanism is called Digest Access Authentication, and it		users. This mechanism is called Digest Access Authentication, and it
	is a simple challenge-response mechanism that allows a server to		is a simple challenge-response mechanism that allows a server to
	challenge a client request and allows a client to provide		challenge a client request and allows a client to provide
	authentication information in response to that challenge. The		authentication information in response to that challenge. The
	skipping to change at page 3, line 21 ¶		skipping to change at page 3, line 21 ¶
	Authentication" registry, so that algorithms can be added in the		Authentication" registry, so that algorithms can be added in the
	future.		future.
	This document updates the Digest Access Authentication scheme used by		This document updates the Digest Access Authentication scheme used by
	SIP to support the algorithms listed in the "Hash Algorithms for HTTP		SIP to support the algorithms listed in the "Hash Algorithms for HTTP
	Digest Authentication" registry defined by [RFC7616].		Digest Authentication" registry defined by [RFC7616].
	1.1. Terminology		1.1. Terminology
	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",		The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
	"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this		"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
	document are to be interpreted as described in [RFC8174].		"OPTIONAL" in this document are to be interpreted as described in BCP
			14 [RFC2119] [RFC8174] when, and only when, they appear in all
			capitals, as shown here.
	2. SIP Digest Authentication Scheme Updates		2. SIP Digest Authentication Scheme Updates
	This section describes the modifications to the operation of the		This section describes the modifications to the operation of the
	Digest mechanism as specified in [RFC3261] in order to support the		Digest mechanism as specified in [RFC3261] in order to support the
	algorithms defined in the "Hash Algorithms for HTTP Digest		algorithms defined in the "Hash Algorithms for HTTP Digest
	Authentication" registry described in [RFC7616].		Authentication" registry described in [RFC7616].
	It replaces the reference to [RFC2617] with a reference to [RFC7616]		It replaces the reference to [RFC2617] with a reference to [RFC7616]
	in [RFC3261], and describes the modifications to the usage of the		in [RFC3261], and describes the modifications to the usage of the
	skipping to change at page 8, line 29 ¶		skipping to change at page 8, line 29 ¶
	The author would like to thank the following individuals for their		The author would like to thank the following individuals for their
	careful reviews, comments, and suggestions: Paul Kyzivat, Olle		careful reviews, comments, and suggestions: Paul Kyzivat, Olle
	Johansson, Dale Worley, Michael Procter, Inaki Baz Castillo, Tolga		Johansson, Dale Worley, Michael Procter, Inaki Baz Castillo, Tolga
	Asveren, Christer Holmberg, Brian Rosen, Jean Mahoney, and Adam		Asveren, Christer Holmberg, Brian Rosen, Jean Mahoney, and Adam
	Roach.		Roach.
	6. References		6. References
	6.1. Normative References		6.1. Normative References
			[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
			Requirement Levels", BCP 14, RFC 2119,
			DOI 10.17487/RFC2119, March 1997,
			<https://www.rfc-editor.org/info/rfc2119>.
	[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, H., Johnston,		[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, H., Johnston,
	A., Peterson, J., Sparks, R., Handley, M., and E.		A., Peterson, J., Sparks, R., Handley, M., and E.
	Schooler, "SIP: Session Initiation Protocol", RFC 3261,		Schooler, "SIP: Session Initiation Protocol", RFC 3261,
	June 2002.		June 2002.
	[RFC7234] Fielding, R., Nottingham, M., and J. Reschke, "Hypertext		[RFC7234] Fielding, R., Nottingham, M., and J. Reschke, "Hypertext
	Transfer Protocol (HTTP/1.1): Caching", RFC 7234, June		Transfer Protocol (HTTP/1.1): Caching", RFC 7234, June
	2014.		2014.
	[RFC7616] Shekh-Yusef, R., Ahrens, D., and S. Bremer, "HTTP Digest		[RFC7616] Shekh-Yusef, R., Ahrens, D., and S. Bremer, "HTTP Digest
End of changes. 7 change blocks.
	7 lines changed or deleted		14 lines changed or added
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/