Single Hop Message Authentication in SIP
Nortel Networks
To date, the HTTP access authentication framework, as described in [RFC2617] and as used in [SIPbis05], has permitted limited SIP message authentication from UAC to Proxy/UAS, Proxy to Proxy, and Proxy to UAS. This draft addresses some of the shortcomings of SIP usage of Digest for message authentication between a SIP User Agent and a Proxy one hop away (e.g., an outbound Proxy). For the messages exchanged between the UA and a Proxy one hop away, the Service Provider may want to provide a different level of protection than that possible for the same messages end-to-end.