A Framework for Consent-Based Communications in the Session Initiation Protocol (SIP)

SIP supports communications for several services, including real-time audio, video, text, instant messaging, and presence. In its current form, it allows session invitations, instant messages, and other requests to be delivered from one party to another without requiring explicit consent of the recipient. Without such consent, it is possible for SIP to be used for malicious purposes, including amplification and DoS (Denial of Service) attacks. This document identifies a framework for consent-based communications in SIP. [STANDARDS-TRACK]

[1]  Cullen Jennings,et al.  Managing Client-Initiated Connections in the Session Initiation Protocol (SIP) , 2009, RFC.

[2]  Gonzalo Camarillo A Document Format for Requesting Consent , 2008, RFC.

[3]  Jonathan D. Rosenberg,et al.  The Extensible Markup Language (XML) Configuration Access Protocol (XCAP) , 2007, RFC.

[4]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[5]  Gonzalo Camarillo The Session Initiation Protocol (SIP) Pending Additions Event Package , 2008, RFC.

[6]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[7]  Jon Peterson,et al.  Private Extensions to the Session Initiation Protocol (SIP) for Asserted Identity within Trusted Networks , 2002, RFC.

[8]  Henning Schulzrinne,et al.  Call Processing Language (CPL): A Language for User Control of Internet Telephony Services , 2004, RFC.

[9]  Gonzalo Camarillo,et al.  Requirements for Consent-Based Communications in the Session Initiation Protocol (SIP) , 2006, RFC.

[10]  Gonzalo Camarillo,et al.  Framework and Security Considerations for Session Initiation Protocol (SIP) URI-List Services , 2008, RFC.

[11]  Christian Huitema,et al.  Session Initiation Protocol (SIP) Extension for Instant Messaging , 2002, RFC.

[12]  Dave Crocker,et al.  Augmented BNF for Syntax Specifications: ABNF , 1997, RFC.

[13]  Cullen Jennings,et al.  The Session Initiation Protocol (SIP) and Spam , 2008, RFC.

[14]  Jonathan D. Rosenberg,et al.  Extensible Markup Language (XML) Formats for Representing Resource Lists , 2007, RFC.

[15]  Jon Peterson,et al.  Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP) , 2006, RFC.

[16]  Scott O. Bradner,et al.  Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.