Download
1 / 3
30 likes | 147 Vues
This document outlines the draft for integrating SAML (Security Assertion Markup Language) with SIP (Session Initiation Protocol) to enhance authentication and authorization in VoIP communications. Key updates include improved examples of SAML assertions, additional references, and reorganized sections for clarity. The draft discusses implications for trait-based authorization, potential for SIP proxies to handle SAML assertions, and outlines normative considerations for future versions. This integration aims to simplify the authentication process while addressing various emerging requirements in SIP communications.
E N D
draft-ietf-sip-saml-00 New SIP-SAML I-D: draft-ietf-sip-saml-00.txt was: draft-tschofenig-sip-saml-05.txt • addressed feedback on the list (thanks Vijay Gurbani) • Enhanced the "Example SAML Assertions" section • Added additional references • Changed the order of the "Specification Scope" and the "Introduction" section • Moved Use-case Scenarios in Appendix
draft-ietf-sip-saml-00 What needs to be done with a future version: • normative considerations (as opposed to editorial) • is this spec a solution for meeting only the trait-based authz requirements? • draft-ietf-sipping-trait-authz-02 • If so, then the implications are: • draft-ietf-sip-saml-xx only needs to meet those stated requirements and compose simply with emergent SIP Identity RFC, and, • doesn't need to meet reqs of various SAML-based I-Ds eg sip-payment, SIP CPC, SPIT • those various SAML-based I-Ds may need their own SAML profiles
draft-ietf-sip-saml-00 What needs to be done with a future version(cont'd): • Discussion about enabling SIP Proxies to add SAML assertions to the SIP header by value • if SAML assertions can be conveyed by-value, then it may be more straightforward to have a single "SIP SAML Profile" that addresses the multiple, somewhat intersecting, use cases in the other I-Ds (mentioned on prior slide)
