Technical summary.
The Session Initiation Protocol (SIP) supports communications across many
media types, including real-time audio, video, text, instant messaging,
and presence. In its current form, it allows session invitations, instant
messages, and other requests to be delivered from one party to another
without requiring explicit consent of the recipient. Without such consent,
it is possible for SIP to be used for malicious purposes, including
amplification, and DoS (Denial of Service) attacks. This document
identifies a framework for consent-based communications in SIP.
Working group summary.
There is consensus in the working group to publish this document. The
document came about due to security area concerns about the need to
protect against denial of service attacks and amplification attacks
when various relay and uri-list mechanisms are used in SIP.
Document Quality
The document has been extensively reviewed and discussed by the SIP WG
since 2004.