Security Considerations. This draft is about making it possible to select between various SIP security mechanisms in a secure manner. In particular, the method pre¡ sented here allow current networks using hop-by-hop mechanisms to later securely upgrade to end-to-end mechanisms without requiring a simultaneous modification in all equipment. Also, the presented method allows SIP entities to request that the complete path through several proxies is protected with lower-layer mechanisms such as TLS. Cur¡ rently this isn't possible. The method presented in this draft is secure only if the weakest pro¡ posed mechanism offers at least integrity protection. Therefore, we recommend that HTTP Basic authentication SHOULD NOT be used in con¡ junction with this method. We also recommend that HTTP Digest authen¡ tication be upgraded to support the integrity protection of larger parts of SIP messages than it currently does [8, 9].
Appears in 2 contracts
Sources: Security Mechanism Agreement, Security Mechanism Agreement for Sip Connections