Credential download

Erik Ehrlund eehrlund at kth.se
Wed Aug 30 11:22:05 CEST 2006 

Hello everyone,

I'm currently working on introducing some kind of credential
downloading system for minisip which im supposed to implement
in my master thesis. I have been looking into different ways on
doing this and im about to select one and would want your opinion
on this.


There is a draft on this matter made by the SIP wg (
http://www.ietf.org/internet-drafts/draft-ietf-sip-certs-01.txt, thanks
Magnusson) that talks about introducing a new event package "credential"
to handle this. However this draft also specifies that the UA should do a
TLS handshake before sending these packages to ensure privacy and
confidentiality. The problem with this approach is that it requires the UA
to have a set of root certificates already available for the
UA to use (to be able to validate the server certificate). Those root
certificates may not be available on a fresh installation. Instead of
using certificates to do the authentication we looked closer into "Strong
password protocols" that is able to do mutual authentication without
certificates (of the Strong password protocols we chose SRP). However by
doing this we break the "sip proxy routing" as SRP is a end-to-end
security protcol (the password is used to establish a strong secret).

We have thought of three different ways to do this.

1) Accept that the we can't handle sip proxies and force the UA to do a
direct connection to the credential server.

2) Use an extern protocol to download the credentials (for example SACRED
and using dns so locate the server)

3) Send the subscribe in clear text to the server and the server responde
with a notify that contains an URI to
where the UA can download it's credentials and the protocol to do it with
(https://address or equivalent). This is
about the same way that sipping proposed to handle profiles in
http://tools.ietf.org/wg/sipping/draft-ietf-sipping-config-framework/draft-ietf-sipping-config-framework-08.txt

2 and 3 are closly related, the only difference between them is that you
discover the address of the
credential server by doing a subcribe/notify in 3 and sv records in 2.

Which of these 3 options do you think is the most correct way to do it ?
(Or do you have a better idea on how to implement it)

I am currently working towards number 2 as most can be reused if a
different way is chosen.

Best Regards
Erik

More information about the Minisip-devel mailing list