Retargeting Security in the Session Initiation Protocol (SIP)
Sonus Networks
As a SIP request is processed along its route to the destination, the initial request-URI can be altered without callers’ notice or consent. The caller may concern both the final call recipient’s identity and the authorities of the SIP intermediaries that alter the request-URI. Especially when the caller does not know the final call recipient, simply giving his/her identity to the caller will not help the caller to decide the legitimacy of the call. Without a secure retarget mechanism, the end-to-end security of SIP cannot be guaranteed. This document proposes a security mechanism to provide the caller with credentials of SIP intermediaries that retarget a request and the final recipient’s identity through response.