Third-Party Token-Based Authentication and Authorization for Session Initiation Protocol (SIP)
RFC 8898

Approval announcement
Draft of message to be sent after approval: 

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: mahoney@nostrum.com, rfc-editor@rfc-editor.org, sipcore@ietf.org, sipcore-chairs@ietf.org, draft-ietf-sipcore-sip-token-authnz@ietf.org, Jean Mahoney <mahoney@nostrum.com>, The IESG <iesg@ietf.org>, superuser@gmail.com
Subject: Protocol Action: 'Third-Party Token-based Authentication and Authorization for Session Initiation Protocol (SIP)' to Proposed Standard (draft-ietf-sipcore-sip-token-authnz-17.txt)

The IESG has approved the following document:
- 'Third-Party Token-based Authentication and Authorization for Session
   Initiation Protocol (SIP)'
  (draft-ietf-sipcore-sip-token-authnz-17.txt) as Proposed Standard

This document is the product of the Session Initiation Protocol Core Working
Group.

The IESG contact persons are Murray Kucherawy and Barry Leiba.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-sipcore-sip-token-authnz/




Technical Summary

   This document defines the "Bearer" authentication scheme for the
   Session Initiation Protocol (SIP), and a mechanism by which user
   authentication and SIP registration authorization is delegated to a
   third party, using the OAuth 2.0 framework and OpenID Connect Core
   1.0.  This document updates RFC 3261 to provide guidance on how a SIP
   User Agent Client (UAC) responds to a SIP 401/407 response that
   contains multiple WWW-Authenticate/Proxy-Authenticate header fields.

Working Group Summary

   This work has been discussed the sipcore working group for a 
   while. It is much scaled down from its original scope, and 
   contains the core of what the working group had consensus on.
   No contention was noted.

Document Quality

   The authors indicated that there was at least one implementation 
   of this. It's assumed that it will be deployed in 3GPP networks. 
   During WGLC, the chairs asked if there were any other implementation 
   plans, but no reviewers chose to share that info. 

   General review quality based on mailing list activity seems to be satisfactory.

Personnel

   Jean Mahoney is the Document Shepherd.
   Murray Kucherawy is the responsible Area Director.

RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools