Tech-invite3GPPspecsSIPRFCs
898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100

in Index   Prev   Next

RFC 3261

SIP: Session Initiation Protocol

Pages: 269
Proposed Standard
Errata
Obsoletes:  2543
Updated by:  32653853432049165393562156265630592259546026614166656878746274638217859187608898
Part 10 of 13 – Pages 182 to 213
First   Prev   Next

Top   ToC   RFC3261 - Page 182   prevText

21 Response Codes

The response codes are consistent with, and extend, HTTP/1.1 response codes. Not all HTTP/1.1 response codes are appropriate, and only those that are appropriate are given here. Other HTTP/1.1 response codes SHOULD NOT be used. Also, SIP defines a new class, 6xx.

21.1 Provisional 1xx

Provisional responses, also known as informational responses, indicate that the server contacted is performing some further action and does not yet have a definitive response. A server sends a 1xx response if it expects to take more than 200 ms to obtain a final response. Note that 1xx responses are not transmitted reliably. They never cause the client to send an ACK. Provisional (1xx) responses MAY contain message bodies, including session descriptions.
Top   ToC   RFC3261 - Page 183

21.1.1 100 Trying

This response indicates that the request has been received by the next-hop server and that some unspecified action is being taken on behalf of this call (for example, a database is being consulted). This response, like all other provisional responses, stops retransmissions of an INVITE by a UAC. The 100 (Trying) response is different from other provisional responses, in that it is never forwarded upstream by a stateful proxy.

21.1.2 180 Ringing

The UA receiving the INVITE is trying to alert the user. This response MAY be used to initiate local ringback.

21.1.3 181 Call Is Being Forwarded

A server MAY use this status code to indicate that the call is being forwarded to a different set of destinations.

21.1.4 182 Queued

The called party is temporarily unavailable, but the server has decided to queue the call rather than reject it. When the callee becomes available, it will return the appropriate final status response. The reason phrase MAY give further details about the status of the call, for example, "5 calls queued; expected waiting time is 15 minutes". The server MAY issue several 182 (Queued) responses to update the caller about the status of the queued call.

21.1.5 183 Session Progress

The 183 (Session Progress) response is used to convey information about the progress of the call that is not otherwise classified. The Reason-Phrase, header fields, or message body MAY be used to convey more details about the call progress.

21.2 Successful 2xx

The request was successful.

21.2.1 200 OK

The request has succeeded. The information returned with the response depends on the method used in the request.
Top   ToC   RFC3261 - Page 184

21.3 Redirection 3xx

3xx responses give information about the user's new location, or about alternative services that might be able to satisfy the call.

21.3.1 300 Multiple Choices

The address in the request resolved to several choices, each with its own specific location, and the user (or UA) can select a preferred communication end point and redirect its request to that location. The response MAY include a message body containing a list of resource characteristics and location(s) from which the user or UA can choose the one most appropriate, if allowed by the Accept request header field. However, no MIME types have been defined for this message body. The choices SHOULD also be listed as Contact fields (Section 20.10). Unlike HTTP, the SIP response MAY contain several Contact fields or a list of addresses in a Contact field. UAs MAY use the Contact header field value for automatic redirection or MAY ask the user to confirm a choice. However, this specification does not define any standard for such automatic selection. This status response is appropriate if the callee can be reached at several different locations and the server cannot or prefers not to proxy the request.

21.3.2 301 Moved Permanently

The user can no longer be found at the address in the Request-URI, and the requesting client SHOULD retry at the new address given by the Contact header field (Section 20.10). The requestor SHOULD update any local directories, address books, and user location caches with this new value and redirect future requests to the address(es) listed.

21.3.3 302 Moved Temporarily

The requesting client SHOULD retry the request at the new address(es) given by the Contact header field (Section 20.10). The Request-URI of the new request uses the value of the Contact header field in the response.
Top   ToC   RFC3261 - Page 185
   The duration of the validity of the Contact URI can be indicated
   through an Expires (Section 20.19) header field or an expires
   parameter in the Contact header field.  Both proxies and UAs MAY
   cache this URI for the duration of the expiration time.  If there is
   no explicit expiration time, the address is only valid once for
   recursing, and MUST NOT be cached for future transactions.

   If the URI cached from the Contact header field fails, the Request-
   URI from the redirected request MAY be tried again a single time.

      The temporary URI may have become out-of-date sooner than the
      expiration time, and a new temporary URI may be available.

21.3.4 305 Use Proxy

The requested resource MUST be accessed through the proxy given by the Contact field. The Contact field gives the URI of the proxy. The recipient is expected to repeat this single request via the proxy. 305 (Use Proxy) responses MUST only be generated by UASs.

21.3.5 380 Alternative Service

The call was not successful, but alternative services are possible. The alternative services are described in the message body of the response. Formats for such bodies are not defined here, and may be the subject of future standardization.

21.4 Request Failure 4xx

4xx responses are definite failure responses from a particular server. The client SHOULD NOT retry the same request without modification (for example, adding appropriate authorization). However, the same request to a different server might be successful.

21.4.1 400 Bad Request

The request could not be understood due to malformed syntax. The Reason-Phrase SHOULD identify the syntax problem in more detail, for example, "Missing Call-ID header field".

21.4.2 401 Unauthorized

The request requires user authentication. This response is issued by UASs and registrars, while 407 (Proxy Authentication Required) is used by proxy servers.
Top   ToC   RFC3261 - Page 186

21.4.3 402 Payment Required

Reserved for future use.

21.4.4 403 Forbidden

The server understood the request, but is refusing to fulfill it. Authorization will not help, and the request SHOULD NOT be repeated.

21.4.5 404 Not Found

The server has definitive information that the user does not exist at the domain specified in the Request-URI. This status is also returned if the domain in the Request-URI does not match any of the domains handled by the recipient of the request.

21.4.6 405 Method Not Allowed

The method specified in the Request-Line is understood, but not allowed for the address identified by the Request-URI. The response MUST include an Allow header field containing a list of valid methods for the indicated address.

21.4.7 406 Not Acceptable

The resource identified by the request is only capable of generating response entities that have content characteristics not acceptable according to the Accept header field sent in the request.

21.4.8 407 Proxy Authentication Required

This code is similar to 401 (Unauthorized), but indicates that the client MUST first authenticate itself with the proxy. SIP access authentication is explained in Sections 26 and 22.3. This status code can be used for applications where access to the communication channel (for example, a telephony gateway) rather than the callee requires authentication.

21.4.9 408 Request Timeout

The server could not produce a response within a suitable amount of time, for example, if it could not determine the location of the user in time. The client MAY repeat the request without modifications at any later time.
Top   ToC   RFC3261 - Page 187

21.4.10 410 Gone

The requested resource is no longer available at the server and no forwarding address is known. This condition is expected to be considered permanent. If the server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 (Not Found) SHOULD be used instead.

21.4.11 413 Request Entity Too Large

The server is refusing to process a request because the request entity-body is larger than the server is willing or able to process. The server MAY close the connection to prevent the client from continuing the request. If the condition is temporary, the server SHOULD include a Retry- After header field to indicate that it is temporary and after what time the client MAY try again.

21.4.12 414 Request-URI Too Long

The server is refusing to service the request because the Request-URI is longer than the server is willing to interpret.

21.4.13 415 Unsupported Media Type

The server is refusing to service the request because the message body of the request is in a format not supported by the server for the requested method. The server MUST return a list of acceptable formats using the Accept, Accept-Encoding, or Accept-Language header field, depending on the specific problem with the content. UAC processing of this response is described in Section 8.1.3.5.

21.4.14 416 Unsupported URI Scheme

The server cannot process the request because the scheme of the URI in the Request-URI is unknown to the server. Client processing of this response is described in Section 8.1.3.5.

21.4.15 420 Bad Extension

The server did not understand the protocol extension specified in a Proxy-Require (Section 20.29) or Require (Section 20.32) header field. The server MUST include a list of the unsupported extensions in an Unsupported header field in the response. UAC processing of this response is described in Section 8.1.3.5.
Top   ToC   RFC3261 - Page 188

21.4.16 421 Extension Required

The UAS needs a particular extension to process the request, but this extension is not listed in a Supported header field in the request. Responses with this status code MUST contain a Require header field listing the required extensions. A UAS SHOULD NOT use this response unless it truly cannot provide any useful service to the client. Instead, if a desirable extension is not listed in the Supported header field, servers SHOULD process the request using baseline SIP capabilities and any extensions supported by the client.

21.4.17 423 Interval Too Brief

The server is rejecting the request because the expiration time of the resource refreshed by the request is too short. This response can be used by a registrar to reject a registration whose Contact header field expiration time was too small. The use of this response and the related Min-Expires header field are described in Sections 10.2.8, 10.3, and 20.23.

21.4.18 480 Temporarily Unavailable

The callee's end system was contacted successfully but the callee is currently unavailable (for example, is not logged in, logged in but in a state that precludes communication with the callee, or has activated the "do not disturb" feature). The response MAY indicate a better time to call in the Retry-After header field. The user could also be available elsewhere (unbeknownst to this server). The reason phrase SHOULD indicate a more precise cause as to why the callee is unavailable. This value SHOULD be settable by the UA. Status 486 (Busy Here) MAY be used to more precisely indicate a particular reason for the call failure. This status is also returned by a redirect or proxy server that recognizes the user identified by the Request-URI, but does not currently have a valid forwarding location for that user.

21.4.19 481 Call/Transaction Does Not Exist

This status indicates that the UAS received a request that does not match any existing dialog or transaction.

21.4.20 482 Loop Detected

The server has detected a loop (Section 16.3 Item 4).
Top   ToC   RFC3261 - Page 189

21.4.21 483 Too Many Hops

The server received a request that contains a Max-Forwards (Section 20.22) header field with the value zero.

21.4.22 484 Address Incomplete

The server received a request with a Request-URI that was incomplete. Additional information SHOULD be provided in the reason phrase. This status code allows overlapped dialing. With overlapped dialing, the client does not know the length of the dialing string. It sends strings of increasing lengths, prompting the user for more input, until it no longer receives a 484 (Address Incomplete) status response.

21.4.23 485 Ambiguous

The Request-URI was ambiguous. The response MAY contain a listing of possible unambiguous addresses in Contact header fields. Revealing alternatives can infringe on privacy of the user or the organization. It MUST be possible to configure a server to respond with status 404 (Not Found) or to suppress the listing of possible choices for ambiguous Request-URIs. Example response to a request with the Request-URI sip:lee@example.com: SIP/2.0 485 Ambiguous Contact: Carol Lee <sip:carol.lee@example.com> Contact: Ping Lee <sip:p.lee@example.com> Contact: Lee M. Foote <sips:lee.foote@example.com> Some email and voice mail systems provide this functionality. A status code separate from 3xx is used since the semantics are different: for 300, it is assumed that the same person or service will be reached by the choices provided. While an automated choice or sequential search makes sense for a 3xx response, user intervention is required for a 485 (Ambiguous) response.

21.4.24 486 Busy Here

The callee's end system was contacted successfully, but the callee is currently not willing or able to take additional calls at this end system. The response MAY indicate a better time to call in the Retry-After header field. The user could also be available
Top   ToC   RFC3261 - Page 190
   elsewhere, such as through a voice mail service.  Status 600 (Busy
   Everywhere) SHOULD be used if the client knows that no other end
   system will be able to accept this call.

21.4.25 487 Request Terminated

The request was terminated by a BYE or CANCEL request. This response is never returned for a CANCEL request itself.

21.4.26 488 Not Acceptable Here

The response has the same meaning as 606 (Not Acceptable), but only applies to the specific resource addressed by the Request-URI and the request may succeed elsewhere. A message body containing a description of media capabilities MAY be present in the response, which is formatted according to the Accept header field in the INVITE (or application/sdp if not present), the same as a message body in a 200 (OK) response to an OPTIONS request.

21.4.27 491 Request Pending

The request was received by a UAS that had a pending request within the same dialog. Section 14.2 describes how such "glare" situations are resolved.

21.4.28 493 Undecipherable

The request was received by a UAS that contained an encrypted MIME body for which the recipient does not possess or will not provide an appropriate decryption key. This response MAY have a single body containing an appropriate public key that should be used to encrypt MIME bodies sent to this UA. Details of the usage of this response code can be found in Section 23.2.

21.5 Server Failure 5xx

5xx responses are failure responses given when a server itself has erred.

21.5.1 500 Server Internal Error

The server encountered an unexpected condition that prevented it from fulfilling the request. The client MAY display the specific error condition and MAY retry the request after several seconds. If the condition is temporary, the server MAY indicate when the client may retry the request using the Retry-After header field.
Top   ToC   RFC3261 - Page 191

21.5.2 501 Not Implemented

The server does not support the functionality required to fulfill the request. This is the appropriate response when a UAS does not recognize the request method and is not capable of supporting it for any user. (Proxies forward all requests regardless of method.) Note that a 405 (Method Not Allowed) is sent when the server recognizes the request method, but that method is not allowed or supported.

21.5.3 502 Bad Gateway

The server, while acting as a gateway or proxy, received an invalid response from the downstream server it accessed in attempting to fulfill the request.

21.5.4 503 Service Unavailable

The server is temporarily unable to process the request due to a temporary overloading or maintenance of the server. The server MAY indicate when the client should retry the request in a Retry-After header field. If no Retry-After is given, the client MUST act as if it had received a 500 (Server Internal Error) response. A client (proxy or UAC) receiving a 503 (Service Unavailable) SHOULD attempt to forward the request to an alternate server. It SHOULD NOT forward any other requests to that server for the duration specified in the Retry-After header field, if present. Servers MAY refuse the connection or drop the request instead of responding with 503 (Service Unavailable).

21.5.5 504 Server Time-out

The server did not receive a timely response from an external server it accessed in attempting to process the request. 408 (Request Timeout) should be used instead if there was no response within the period specified in the Expires header field from the upstream server.

21.5.6 505 Version Not Supported

The server does not support, or refuses to support, the SIP protocol version that was used in the request. The server is indicating that it is unable or unwilling to complete the request using the same major version as the client, other than with this error message.
Top   ToC   RFC3261 - Page 192

21.5.7 513 Message Too Large

The server was unable to process the request since the message length exceeded its capabilities.

21.6 Global Failures 6xx

6xx responses indicate that a server has definitive information about a particular user, not just the particular instance indicated in the Request-URI.

21.6.1 600 Busy Everywhere

The callee's end system was contacted successfully but the callee is busy and does not wish to take the call at this time. The response MAY indicate a better time to call in the Retry-After header field. If the callee does not wish to reveal the reason for declining the call, the callee uses status code 603 (Decline) instead. This status response is returned only if the client knows that no other end point (such as a voice mail system) will answer the request. Otherwise, 486 (Busy Here) should be returned.

21.6.2 603 Decline

The callee's machine was successfully contacted but the user explicitly does not wish to or cannot participate. The response MAY indicate a better time to call in the Retry-After header field. This status response is returned only if the client knows that no other end point will answer the request.

21.6.3 604 Does Not Exist Anywhere

The server has authoritative information that the user indicated in the Request-URI does not exist anywhere.

21.6.4 606 Not Acceptable

The user's agent was contacted successfully but some aspects of the session description such as the requested media, bandwidth, or addressing style were not acceptable. A 606 (Not Acceptable) response means that the user wishes to communicate, but cannot adequately support the session described. The 606 (Not Acceptable) response MAY contain a list of reasons in a Warning header field describing why the session described cannot be supported. Warning reason codes are listed in Section 20.43.
Top   ToC   RFC3261 - Page 193
   A message body containing a description of media capabilities MAY be
   present in the response, which is formatted according to the Accept
   header field in the INVITE (or application/sdp if not present), the
   same as a message body in a 200 (OK) response to an OPTIONS request.

   It is hoped that negotiation will not frequently be needed, and when
   a new user is being invited to join an already existing conference,
   negotiation may not be possible.  It is up to the invitation
   initiator to decide whether or not to act on a 606 (Not Acceptable)
   response.

   This status response is returned only if the client knows that no
   other end point will answer the request.

22 Usage of HTTP Authentication

SIP provides a stateless, challenge-based mechanism for authentication that is based on authentication in HTTP. Any time that a proxy server or UA receives a request (with the exceptions given in Section 22.1), it MAY challenge the initiator of the request to provide assurance of its identity. Once the originator has been identified, the recipient of the request SHOULD ascertain whether or not this user is authorized to make the request in question. No authorization systems are recommended or discussed in this document. The "Digest" authentication mechanism described in this section provides message authentication and replay protection only, without message integrity or confidentiality. Protective measures above and beyond those provided by Digest need to be taken to prevent active attackers from modifying SIP requests and responses. Note that due to its weak security, the usage of "Basic" authentication has been deprecated. Servers MUST NOT accept credentials using the "Basic" authorization scheme, and servers also MUST NOT challenge with "Basic". This is a change from RFC 2543.

22.1 Framework

The framework for SIP authentication closely parallels that of HTTP (RFC 2617 [17]). In particular, the BNF for auth-scheme, auth-param, challenge, realm, realm-value, and credentials is identical (although the usage of "Basic" as a scheme is not permitted). In SIP, a UAS uses the 401 (Unauthorized) response to challenge the identity of a UAC. Additionally, registrars and redirect servers MAY make use of 401 (Unauthorized) responses for authentication, but proxies MUST NOT, and instead MAY use the 407 (Proxy Authentication Required)
Top   ToC   RFC3261 - Page 194
   response.  The requirements for inclusion of the Proxy-Authenticate,
   Proxy-Authorization, WWW-Authenticate, and Authorization in the
   various messages are identical to those described in RFC 2617 [17].

   Since SIP does not have the concept of a canonical root URL, the
   notion of protection spaces is interpreted differently in SIP.  The
   realm string alone defines the protection domain.  This is a change
   from RFC 2543, in which the Request-URI and the realm together
   defined the protection domain.

      This previous definition of protection domain caused some amount
      of confusion since the Request-URI sent by the UAC and the
      Request-URI received by the challenging server might be different,
      and indeed the final form of the Request-URI might not be known to
      the UAC.  Also, the previous definition depended on the presence
      of a SIP URI in the Request-URI and seemed to rule out alternative
      URI schemes (for example, the tel URL).

   Operators of user agents or proxy servers that will authenticate
   received requests MUST adhere to the following guidelines for
   creation of a realm string for their server:

      o  Realm strings MUST be globally unique.  It is RECOMMENDED that
         a realm string contain a hostname or domain name, following the
         recommendation in Section 3.2.1 of RFC 2617 [17].

      o  Realm strings SHOULD present a human-readable identifier that
         can be rendered to a user.

   For example:

      INVITE sip:bob@biloxi.com SIP/2.0
      Authorization: Digest realm="biloxi.com", <...>

   Generally, SIP authentication is meaningful for a specific realm, a
   protection domain.  Thus, for Digest authentication, each such
   protection domain has its own set of usernames and passwords.  If a
   server does not require authentication for a particular request, it
   MAY accept a default username, "anonymous", which has no password
   (password of "").  Similarly, UACs representing many users, such as
   PSTN gateways, MAY have their own device-specific username and
   password, rather than accounts for particular users, for their realm.

   While a server can legitimately challenge most SIP requests, there
   are two requests defined by this document that require special
   handling for authentication: ACK and CANCEL.
Top   ToC   RFC3261 - Page 195
   Under an authentication scheme that uses responses to carry values
   used to compute nonces (such as Digest), some problems come up for
   any requests that take no response, including ACK.  For this reason,
   any credentials in the INVITE that were accepted by a server MUST be
   accepted by that server for the ACK.  UACs creating an ACK message
   will duplicate all of the Authorization and Proxy-Authorization
   header field values that appeared in the INVITE to which the ACK
   corresponds.  Servers MUST NOT attempt to challenge an ACK.

   Although the CANCEL method does take a response (a 2xx), servers MUST
   NOT attempt to challenge CANCEL requests since these requests cannot
   be resubmitted.  Generally, a CANCEL request SHOULD be accepted by a
   server if it comes from the same hop that sent the request being
   canceled (provided that some sort of transport or network layer
   security association, as described in Section 26.2.1, is in place).

   When a UAC receives a challenge, it SHOULD render to the user the
   contents of the "realm" parameter in the challenge (which appears in
   either a WWW-Authenticate header field or Proxy-Authenticate header
   field) if the UAC device does not already know of a credential for
   the realm in question.  A service provider that pre-configures UAs
   with credentials for its realm should be aware that users will not
   have the opportunity to present their own credentials for this realm
   when challenged at a pre-configured device.

   Finally, note that even if a UAC can locate credentials that are
   associated with the proper realm, the potential exists that these
   credentials may no longer be valid or that the challenging server
   will not accept these credentials for whatever reason (especially
   when "anonymous" with no password is submitted).  In this instance a
   server may repeat its challenge, or it may respond with a 403
   Forbidden.  A UAC MUST NOT re-attempt requests with the credentials
   that have just been rejected (though the request may be retried if
   the nonce was stale).

22.2 User-to-User Authentication

When a UAS receives a request from a UAC, the UAS MAY authenticate the originator before the request is processed. If no credentials (in the Authorization header field) are provided in the request, the UAS can challenge the originator to provide credentials by rejecting the request with a 401 (Unauthorized) status code. The WWW-Authenticate response-header field MUST be included in 401 (Unauthorized) response messages. The field value consists of at least one challenge that indicates the authentication scheme(s) and parameters applicable to the realm.
Top   ToC   RFC3261 - Page 196
   An example of the WWW-Authenticate header field in a 401 challenge
   is:

      WWW-Authenticate: Digest
              realm="biloxi.com",
              qop="auth,auth-int",
              nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
              opaque="5ccc069c403ebaf9f0171e9517f40e41"

   When the originating UAC receives the 401 (Unauthorized), it SHOULD,
   if it is able, re-originate the request with the proper credentials.
   The UAC may require input from the originating user before
   proceeding.  Once authentication credentials have been supplied
   (either directly by the user, or discovered in an internal keyring),
   UAs SHOULD cache the credentials for a given value of the To header
   field and "realm" and attempt to re-use these values on the next
   request for that destination.  UAs MAY cache credentials in any way
   they would like.

   If no credentials for a realm can be located, UACs MAY attempt to
   retry the request with a username of "anonymous" and no password (a
   password of "").

   Once credentials have been located, any UA that wishes to
   authenticate itself with a UAS or registrar -- usually, but not
   necessarily, after receiving a 401 (Unauthorized) response -- MAY do
   so by including an Authorization header field with the request.  The
   Authorization field value consists of credentials containing the
   authentication information of the UA for the realm of the resource
   being requested as well as parameters required in support of
   authentication and replay protection.

   An example of the Authorization header field is:

      Authorization: Digest username="bob",
              realm="biloxi.com",
              nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
              uri="sip:bob@biloxi.com",
              qop=auth,
              nc=00000001,
              cnonce="0a4f113b",
              response="6629fae49393a05397450978507c4ef1",
              opaque="5ccc069c403ebaf9f0171e9517f40e41"

   When a UAC resubmits a request with its credentials after receiving a
   401 (Unauthorized) or 407 (Proxy Authentication Required) response,
   it MUST increment the CSeq header field value as it would normally
   when sending an updated request.
Top   ToC   RFC3261 - Page 197

22.3 Proxy-to-User Authentication

Similarly, when a UAC sends a request to a proxy server, the proxy server MAY authenticate the originator before the request is processed. If no credentials (in the Proxy-Authorization header field) are provided in the request, the proxy can challenge the originator to provide credentials by rejecting the request with a 407 (Proxy Authentication Required) status code. The proxy MUST populate the 407 (Proxy Authentication Required) message with a Proxy- Authenticate header field value applicable to the proxy for the requested resource. The use of Proxy-Authenticate and Proxy-Authorization parallel that described in [17], with one difference. Proxies MUST NOT add values to the Proxy-Authorization header field. All 407 (Proxy Authentication Required) responses MUST be forwarded upstream toward the UAC following the procedures for any other response. It is the UAC's responsibility to add the Proxy-Authorization header field value containing credentials for the realm of the proxy that has asked for authentication. If a proxy were to resubmit a request adding a Proxy-Authorization header field value, it would need to increment the CSeq in the new request. However, this would cause the UAC that submitted the original request to discard a response from the UAS, as the CSeq value would be different. When the originating UAC receives the 407 (Proxy Authentication Required) it SHOULD, if it is able, re-originate the request with the proper credentials. It should follow the same procedures for the display of the "realm" parameter that are given above for responding to 401. If no credentials for a realm can be located, UACs MAY attempt to retry the request with a username of "anonymous" and no password (a password of ""). The UAC SHOULD also cache the credentials used in the re-originated request. The following rule is RECOMMENDED for proxy credential caching: If a UA receives a Proxy-Authenticate header field value in a 401/407 response to a request with a particular Call-ID, it should incorporate credentials for that realm in all subsequent requests that contain the same Call-ID. These credentials MUST NOT be cached across dialogs; however, if a UA is configured with the realm of its local outbound proxy, when one exists, then the UA MAY cache
Top   ToC   RFC3261 - Page 198
   credentials for that realm across dialogs.  Note that this does mean
   a future request in a dialog could contain credentials that are not
   needed by any proxy along the Route header path.

   Any UA that wishes to authenticate itself to a proxy server --
   usually, but not necessarily, after receiving a 407 (Proxy
   Authentication Required) response -- MAY do so by including a Proxy-
   Authorization header field value with the request.  The Proxy-
   Authorization request-header field allows the client to identify
   itself (or its user) to a proxy that requires authentication.  The
   Proxy-Authorization header field value consists of credentials
   containing the authentication information of the UA for the proxy
   and/or realm of the resource being requested.

   A Proxy-Authorization header field value applies only to the proxy
   whose realm is identified in the "realm" parameter (this proxy may
   previously have demanded authentication using the Proxy-Authenticate
   field).  When multiple proxies are used in a chain, a Proxy-
   Authorization header field value MUST NOT be consumed by any proxy
   whose realm does not match the "realm" parameter specified in that
   value.

   Note that if an authentication scheme that does not support realms is
   used in the Proxy-Authorization header field, a proxy server MUST
   attempt to parse all Proxy-Authorization header field values to
   determine whether one of them has what the proxy server considers to
   be valid credentials.  Because this is potentially very time-
   consuming in large networks, proxy servers SHOULD use an
   authentication scheme that supports realms in the Proxy-Authorization
   header field.

   If a request is forked (as described in Section 16.7), various proxy
   servers and/or UAs may wish to challenge the UAC.  In this case, the
   forking proxy server is responsible for aggregating these challenges
   into a single response.  Each WWW-Authenticate and Proxy-Authenticate
   value received in responses to the forked request MUST be placed into
   the single response that is sent by the forking proxy to the UA; the
   ordering of these header field values is not significant.

      When a proxy server issues a challenge in response to a request,
      it will not proxy the request until the UAC has retried the
      request with valid credentials.  A forking proxy may forward a
      request simultaneously to multiple proxy servers that require
      authentication, each of which in turn will not forward the request
      until the originating UAC has authenticated itself in their
      respective realm.  If the UAC does not provide credentials for
Top   ToC   RFC3261 - Page 199
      each challenge, the proxy servers that issued the challenges will
      not forward requests to the UA where the destination user might be
      located, and therefore, the virtues of forking are largely lost.

   When resubmitting its request in response to a 401 (Unauthorized) or
   407 (Proxy Authentication Required) that contains multiple
   challenges, a UAC MAY include an Authorization value for each WWW-
   Authenticate value and a Proxy-Authorization value for each Proxy-
   Authenticate value for which the UAC wishes to supply a credential.
   As noted above, multiple credentials in a request SHOULD be
   differentiated by the "realm" parameter.

   It is possible for multiple challenges associated with the same realm
   to appear in the same 401 (Unauthorized) or 407 (Proxy Authentication
   Required).  This can occur, for example, when multiple proxies within
   the same administrative domain, which use a common realm, are reached
   by a forking request.  When it retries a request, a UAC MAY therefore
   supply multiple credentials in Authorization or Proxy-Authorization
   header fields with the same "realm" parameter value.  The same
   credentials SHOULD be used for the same realm.

22.4 The Digest Authentication Scheme

This section describes the modifications and clarifications required to apply the HTTP Digest authentication scheme to SIP. The SIP scheme usage is almost completely identical to that for HTTP [17]. Since RFC 2543 is based on HTTP Digest as defined in RFC 2069 [39], SIP servers supporting RFC 2617 MUST ensure they are backwards compatible with RFC 2069. Procedures for this backwards compatibility are specified in RFC 2617. Note, however, that SIP servers MUST NOT accept or request Basic authentication. The rules for Digest authentication follow those defined in [17], with "HTTP/1.1" replaced by "SIP/2.0" in addition to the following differences: 1. The URI included in the challenge has the following BNF: URI = SIP-URI / SIPS-URI 2. The BNF in RFC 2617 has an error in that the 'uri' parameter of the Authorization header field for HTTP Digest
Top   ToC   RFC3261 - Page 200
          authentication is not enclosed in quotation marks.  (The
          example in Section 3.5 of RFC 2617 is correct.)  For SIP, the
          'uri' MUST be enclosed in quotation marks.

      3.  The BNF for digest-uri-value is:

          digest-uri-value  =  Request-URI ; as defined in Section 25

      4.  The example procedure for choosing a nonce based on Etag does
          not work for SIP.

      5.  The text in RFC 2617 [17] regarding cache operation does not
          apply to SIP.

      6.  RFC 2617 [17] requires that a server check that the URI in the
          request line and the URI included in the Authorization header
          field point to the same resource.  In a SIP context, these two
          URIs may refer to different users, due to forwarding at some
          proxy.  Therefore, in SIP, a server MAY check that the
          Request-URI in the Authorization header field value
          corresponds to a user for whom the server is willing to accept
          forwarded or direct requests, but it is not necessarily a
          failure if the two fields are not equivalent.

      7.  As a clarification to the calculation of the A2 value for
          message integrity assurance in the Digest authentication
          scheme, implementers should assume, when the entity-body is
          empty (that is, when SIP messages have no body) that the hash
          of the entity-body resolves to the MD5 hash of an empty
          string, or:

             H(entity-body) = MD5("") =
          "d41d8cd98f00b204e9800998ecf8427e"

      8.  RFC 2617 notes that a cnonce value MUST NOT be sent in an
          Authorization (and by extension Proxy-Authorization) header
          field if no qop directive has been sent.  Therefore, any
          algorithms that have a dependency on the cnonce (including
          "MD5-Sess") require that the qop directive be sent.  Use of
          the "qop" parameter is optional in RFC 2617 for the purposes
          of backwards compatibility with RFC 2069; since RFC 2543 was
          based on RFC 2069, the "qop" parameter must unfortunately
          remain optional for clients and servers to receive.  However,
          servers MUST always send a "qop" parameter in WWW-Authenticate
          and Proxy-Authenticate header field values.  If a client
          receives a "qop" parameter in a challenge header field, it
          MUST send the "qop" parameter in any resulting authorization
          header field.
Top   ToC   RFC3261 - Page 201
   RFC 2543 did not allow usage of the Authentication-Info header field
   (it effectively used RFC 2069).  However, we now allow usage of this
   header field, since it provides integrity checks over the bodies and
   provides mutual authentication.  RFC 2617 [17] defines mechanisms for
   backwards compatibility using the qop attribute in the request.
   These mechanisms MUST be used by a server to determine if the client
   supports the new mechanisms in RFC 2617 that were not specified in
   RFC 2069.

23 S/MIME

SIP messages carry MIME bodies and the MIME standard includes mechanisms for securing MIME contents to ensure both integrity and confidentiality (including the 'multipart/signed' and 'application/pkcs7-mime' MIME types, see RFC 1847 [22], RFC 2630 [23] and RFC 2633 [24]). Implementers should note, however, that there may be rare network intermediaries (not typical proxy servers) that rely on viewing or modifying the bodies of SIP messages (especially SDP), and that secure MIME may prevent these sorts of intermediaries from functioning. This applies particularly to certain types of firewalls. The PGP mechanism for encrypting the header fields and bodies of SIP messages described in RFC 2543 has been deprecated.

23.1 S/MIME Certificates

The certificates that are used to identify an end-user for the purposes of S/MIME differ from those used by servers in one important respect - rather than asserting that the identity of the holder corresponds to a particular hostname, these certificates assert that the holder is identified by an end-user address. This address is composed of the concatenation of the "userinfo" "@" and "domainname" portions of a SIP or SIPS URI (in other words, an email address of the form "bob@biloxi.com"), most commonly corresponding to a user's address-of-record. These certificates are also associated with keys that are used to sign or encrypt bodies of SIP messages. Bodies are signed with the private key of the sender (who may include their public key with the message as appropriate), but bodies are encrypted with the public key of the intended recipient. Obviously, senders must have foreknowledge of the public key of recipients in order to encrypt message bodies. Public keys can be stored within a UA on a virtual keyring.
Top   ToC   RFC3261 - Page 202
   Each user agent that supports S/MIME MUST contain a keyring
   specifically for end-users' certificates.  This keyring should map
   between addresses of record and corresponding certificates.  Over
   time, users SHOULD use the same certificate when they populate the
   originating URI of signaling (the From header field) with the same
   address-of-record.

   Any mechanisms depending on the existence of end-user certificates
   are seriously limited in that there is virtually no consolidated
   authority today that provides certificates for end-user applications.
   However, users SHOULD acquire certificates from known public
   certificate authorities.  As an alternative, users MAY create self-
   signed certificates.  The implications of self-signed certificates
   are explored further in Section 26.4.2.  Implementations may also use
   pre-configured certificates in deployments in which a previous trust
   relationship exists between all SIP entities.

   Above and beyond the problem of acquiring an end-user certificate,
   there are few well-known centralized directories that distribute
   end-user certificates.  However, the holder of a certificate SHOULD
   publish their certificate in any public directories as appropriate.
   Similarly, UACs SHOULD support a mechanism for importing (manually or
   automatically) certificates discovered in public directories
   corresponding to the target URIs of SIP requests.

23.2 S/MIME Key Exchange

SIP itself can also be used as a means to distribute public keys in the following manner. Whenever the CMS SignedData message is used in S/MIME for SIP, it MUST contain the certificate bearing the public key necessary to verify the signature. When a UAC sends a request containing an S/MIME body that initiates a dialog, or sends a non-INVITE request outside the context of a dialog, the UAC SHOULD structure the body as an S/MIME 'multipart/signed' CMS SignedData body. If the desired CMS service is EnvelopedData (and the public key of the target user is known), the UAC SHOULD send the EnvelopedData message encapsulated within a SignedData message. When a UAS receives a request containing an S/MIME CMS body that includes a certificate, the UAS SHOULD first validate the certificate, if possible, with any available root certificates for certificate authorities. The UAS SHOULD also determine the subject of the certificate (for S/MIME, the SubjectAltName will contain the appropriate identity) and compare this value to the From header field
Top   ToC   RFC3261 - Page 203
   of the request.  If the certificate cannot be verified, because it is
   self-signed, or signed by no known authority, or if it is verifiable
   but its subject does not correspond to the From header field of
   request, the UAS MUST notify its user of the status of the
   certificate (including the subject of the certificate, its signer,
   and any key fingerprint information) and request explicit permission
   before proceeding.  If the certificate was successfully verified and
   the subject of the certificate corresponds to the From header field
   of the SIP request, or if the user (after notification) explicitly
   authorizes the use of the certificate, the UAS SHOULD add this
   certificate to a local keyring, indexed by the address-of-record of
   the holder of the certificate.

   When a UAS sends a response containing an S/MIME body that answers
   the first request in a dialog, or a response to a non-INVITE request
   outside the context of a dialog, the UAS SHOULD structure the body as
   an S/MIME 'multipart/signed' CMS SignedData body.  If the desired CMS
   service is EnvelopedData, the UAS SHOULD send the EnvelopedData
   message encapsulated within a SignedData message.

   When a UAC receives a response containing an S/MIME CMS body that
   includes a certificate, the UAC SHOULD first validate the
   certificate, if possible, with any appropriate root certificate.  The
   UAC SHOULD also determine the subject of the certificate and compare
   this value to the To field of the response; although the two may very
   well be different, and this is not necessarily indicative of a
   security breach.  If the certificate cannot be verified because it is
   self-signed, or signed by no known authority, the UAC MUST notify its
   user of the status of the certificate (including the subject of the
   certificate, its signator, and any key fingerprint information) and
   request explicit permission before proceeding.  If the certificate
   was successfully verified, and the subject of the certificate
   corresponds to the To header field in the response, or if the user
   (after notification) explicitly authorizes the use of the
   certificate, the UAC SHOULD add this certificate to a local keyring,
   indexed by the address-of-record of the holder of the certificate.
   If the UAC had not transmitted its own certificate to the UAS in any
   previous transaction, it SHOULD use a CMS SignedData body for its
   next request or response.

   On future occasions, when the UA receives requests or responses that
   contain a From header field corresponding to a value in its keyring,
   the UA SHOULD compare the certificate offered in these messages with
   the existing certificate in its keyring.  If there is a discrepancy,
   the UA MUST notify its user of a change of the certificate
   (preferably in terms that indicate that this is a potential security
   breach) and acquire the user's permission before continuing to
Top   ToC   RFC3261 - Page 204
   process the signaling.  If the user authorizes this certificate, it
   SHOULD be added to the keyring alongside any previous value(s) for
   this address-of-record.

   Note well however, that this key exchange mechanism does not
   guarantee the secure exchange of keys when self-signed certificates,
   or certificates signed by an obscure authority, are used - it is
   vulnerable to well-known attacks.  In the opinion of the authors,
   however, the security it provides is proverbially better than
   nothing; it is in fact comparable to the widely used SSH application.
   These limitations are explored in greater detail in Section 26.4.2.

   If a UA receives an S/MIME body that has been encrypted with a public
   key unknown to the recipient, it MUST reject the request with a 493
   (Undecipherable) response.  This response SHOULD contain a valid
   certificate for the respondent (corresponding, if possible, to any
   address of record given in the To header field of the rejected
   request) within a MIME body with a 'certs-only' "smime-type"
   parameter.

   A 493 (Undecipherable) sent without any certificate indicates that
   the respondent cannot or will not utilize S/MIME encrypted messages,
   though they may still support S/MIME signatures.

   Note that a user agent that receives a request containing an S/MIME
   body that is not optional (with a Content-Disposition header
   "handling" parameter of "required") MUST reject the request with a
   415 Unsupported Media Type response if the MIME type is not
   understood.  A user agent that receives such a response when S/MIME
   is sent SHOULD notify its user that the remote device does not
   support S/MIME, and it MAY subsequently resend the request without
   S/MIME, if appropriate; however, this 415 response may constitute a
   downgrade attack.

   If a user agent sends an S/MIME body in a request, but receives a
   response that contains a MIME body that is not secured, the UAC
   SHOULD notify its user that the session could not be secured.
   However, if a user agent that supports S/MIME receives a request with
   an unsecured body, it SHOULD NOT respond with a secured body, but if
   it expects S/MIME from the sender (for example, because the sender's
   From header field value corresponds to an identity on its keychain),
   the UAS SHOULD notify its user that the session could not be secured.

   A number of conditions that arise in the previous text call for the
   notification of the user when an anomalous certificate-management
   event occurs.  Users might well ask what they should do under these
   circumstances.  First and foremost, an unexpected change in a
   certificate, or an absence of security when security is expected, are
Top   ToC   RFC3261 - Page 205
   causes for caution but not necessarily indications that an attack is
   in progress.  Users might abort any connection attempt or refuse a
   connection request they have received; in telephony parlance, they
   could hang up and call back.  Users may wish to find an alternate
   means to contact the other party and confirm that their key has
   legitimately changed.  Note that users are sometimes compelled to
   change their certificates, for example when they suspect that the
   secrecy of their private key has been compromised.  When their
   private key is no longer private, users must legitimately generate a
   new key and re-establish trust with any users that held their old
   key.

   Finally, if during the course of a dialog a UA receives a certificate
   in a CMS SignedData message that does not correspond with the
   certificates previously exchanged during a dialog, the UA MUST notify
   its user of the change, preferably in terms that indicate that this
   is a potential security breach.

23.3 Securing MIME bodies

There are two types of secure MIME bodies that are of interest to SIP: use of these bodies should follow the S/MIME specification [24] with a few variations. o "multipart/signed" MUST be used only with CMS detached signatures. This allows backwards compatibility with non-S/MIME- compliant recipients. o S/MIME bodies SHOULD have a Content-Disposition header field, and the value of the "handling" parameter SHOULD be "required." o If a UAC has no certificate on its keyring associated with the address-of-record to which it wants to send a request, it cannot send an encrypted "application/pkcs7-mime" MIME message. UACs MAY send an initial request such as an OPTIONS message with a CMS detached signature in order to solicit the certificate of the remote side (the signature SHOULD be over a "message/sip" body of the type described in Section 23.4). Note that future standardization work on S/MIME may define non-certificate based keys. o Senders of S/MIME bodies SHOULD use the "SMIMECapabilities" (see Section 2.5.2 of [24]) attribute to express their capabilities and preferences for further communications. Note especially that senders MAY use the "preferSignedData"
Top   ToC   RFC3261 - Page 206
         capability to encourage receivers to respond with CMS
         SignedData messages (for example, when sending an OPTIONS
         request as described above).

      o  S/MIME implementations MUST at a minimum support SHA1 as a
         digital signature algorithm, and 3DES as an encryption
         algorithm.  All other signature and encryption algorithms MAY
         be supported.  Implementations can negotiate support for these
         algorithms with the "SMIMECapabilities" attribute.

      o  Each S/MIME body in a SIP message SHOULD be signed with only
         one certificate.  If a UA receives a message with multiple
         signatures, the outermost signature should be treated as the
         single certificate for this body.  Parallel signatures SHOULD
         NOT be used.

         The following is an example of an encrypted S/MIME SDP body
         within a SIP message:

        INVITE sip:bob@biloxi.com SIP/2.0
        Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8
        To: Bob <sip:bob@biloxi.com>
        From: Alice <sip:alice@atlanta.com>;tag=1928301774
        Call-ID: a84b4c76e66710
        CSeq: 314159 INVITE
        Max-Forwards: 70
        Contact: <sip:alice@pc33.atlanta.com>
        Content-Type: application/pkcs7-mime; smime-type=enveloped-data;
             name=smime.p7m
        Content-Disposition: attachment; filename=smime.p7m
           handling=required

      *******************************************************
      * Content-Type: application/sdp                       *
      *                                                     *
      * v=0                                                 *
      * o=alice 53655765 2353687637 IN IP4 pc33.atlanta.com *
      * s=-                                                 *
      * t=0 0                                               *
      * c=IN IP4 pc33.atlanta.com                           *
      * m=audio 3456 RTP/AVP 0 1 3 99                       *
      * a=rtpmap:0 PCMU/8000                                *
      *******************************************************
Top   ToC   RFC3261 - Page 207

23.4 SIP Header Privacy and Integrity using S/MIME: Tunneling SIP

As a means of providing some degree of end-to-end authentication, integrity or confidentiality for SIP header fields, S/MIME can encapsulate entire SIP messages within MIME bodies of type "message/sip" and then apply MIME security to these bodies in the same manner as typical SIP bodies. These encapsulated SIP requests and responses do not constitute a separate dialog or transaction, they are a copy of the "outer" message that is used to verify integrity or to supply additional information. If a UAS receives a request that contains a tunneled "message/sip" S/MIME body, it SHOULD include a tunneled "message/sip" body in the response with the same smime-type. Any traditional MIME bodies (such as SDP) SHOULD be attached to the "inner" message so that they can also benefit from S/MIME security. Note that "message/sip" bodies can be sent as a part of a MIME "multipart/mixed" body if any unsecured MIME types should also be transmitted in a request.

23.4.1 Integrity and Confidentiality Properties of SIP Headers

When the S/MIME integrity or confidentiality mechanisms are used, there may be discrepancies between the values in the "inner" message and values in the "outer" message. The rules for handling any such differences for all of the header fields described in this document are given in this section. Note that for the purposes of loose timestamping, all SIP messages that tunnel "message/sip" SHOULD contain a Date header in both the "inner" and "outer" headers.
23.4.1.1 Integrity
Whenever integrity checks are performed, the integrity of a header field should be determined by matching the value of the header field in the signed body with that in the "outer" messages using the comparison rules of SIP as described in 20. Header fields that can be legitimately modified by proxy servers are: Request-URI, Via, Record-Route, Route, Max-Forwards, and Proxy- Authorization. If these header fields are not intact end-to-end, implementations SHOULD NOT consider this a breach of security. Changes to any other header fields defined in this document constitute an integrity violation; users MUST be notified of a discrepancy.
Top   ToC   RFC3261 - Page 208
23.4.1.2 Confidentiality
When messages are encrypted, header fields may be included in the encrypted body that are not present in the "outer" message. Some header fields must always have a plaintext version because they are required header fields in requests and responses - these include: To, From, Call-ID, CSeq, Contact. While it is probably not useful to provide an encrypted alternative for the Call-ID, CSeq, or Contact, providing an alternative to the information in the "outer" To or From is permitted. Note that the values in an encrypted body are not used for the purposes of identifying transactions or dialogs - they are merely informational. If the From header field in an encrypted body differs from the value in the "outer" message, the value within the encrypted body SHOULD be displayed to the user, but MUST NOT be used in the "outer" header fields of any future messages. Primarily, a user agent will want to encrypt header fields that have an end-to-end semantic, including: Subject, Reply-To, Organization, Accept, Accept-Encoding, Accept-Language, Alert-Info, Error-Info, Authentication-Info, Expires, In-Reply-To, Require, Supported, Unsupported, Retry-After, User-Agent, Server, and Warning. If any of these header fields are present in an encrypted body, they should be used instead of any "outer" header fields, whether this entails displaying the header field values to users or setting internal states in the UA. They SHOULD NOT however be used in the "outer" headers of any future messages. If present, the Date header field MUST always be the same in the "inner" and "outer" headers. Since MIME bodies are attached to the "inner" message, implementations will usually encrypt MIME-specific header fields, including: MIME-Version, Content-Type, Content-Length, Content- Language, Content-Encoding and Content-Disposition. The "outer" message will have the proper MIME header fields for S/MIME bodies. These header fields (and any MIME bodies they preface) should be treated as normal MIME header fields and bodies received in a SIP message. It is not particularly useful to encrypt the following header fields: Min-Expires, Timestamp, Authorization, Priority, and WWW- Authenticate. This category also includes those header fields that can be changed by proxy servers (described in the preceding section). UAs SHOULD never include these in an "inner" message if they are not
Top   ToC   RFC3261 - Page 209
   included in the "outer" message.  UAs that receive any of these
   header fields in an encrypted body SHOULD ignore the encrypted
   values.

   Note that extensions to SIP may define additional header fields; the
   authors of these extensions should describe the integrity and
   confidentiality properties of such header fields.  If a SIP UA
   encounters an unknown header field with an integrity violation, it
   MUST ignore the header field.

23.4.2 Tunneling Integrity and Authentication

Tunneling SIP messages within S/MIME bodies can provide integrity for SIP header fields if the header fields that the sender wishes to secure are replicated in a "message/sip" MIME body signed with a CMS detached signature. Provided that the "message/sip" body contains at least the fundamental dialog identifiers (To, From, Call-ID, CSeq), then a signed MIME body can provide limited authentication. At the very least, if the certificate used to sign the body is unknown to the recipient and cannot be verified, the signature can be used to ascertain that a later request in a dialog was transmitted by the same certificate-holder that initiated the dialog. If the recipient of the signed MIME body has some stronger incentive to trust the certificate (they were able to validate it, they acquired it from a trusted repository, or they have used it frequently) then the signature can be taken as a stronger assertion of the identity of the subject of the certificate. In order to eliminate possible confusions about the addition or subtraction of entire header fields, senders SHOULD replicate all header fields from the request within the signed body. Any message bodies that require integrity protection MUST be attached to the "inner" message. If a Date header is present in a message with a signed body, the recipient SHOULD compare the header field value with its own internal clock, if applicable. If a significant time discrepancy is detected (on the order of an hour or more), the user agent SHOULD alert the user to the anomaly, and note that it is a potential security breach. If an integrity violation in a message is detected by its recipient, the message MAY be rejected with a 403 (Forbidden) response if it is a request, or any existing dialog MAY be terminated. UAs SHOULD notify users of this circumstance and request explicit guidance on how to proceed.
Top   ToC   RFC3261 - Page 210
   The following is an example of the use of a tunneled "message/sip"
   body:

      INVITE sip:bob@biloxi.com SIP/2.0
      Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8
      To: Bob <sip:bob@biloxi.com>
      From: Alice <sip:alice@atlanta.com>;tag=1928301774
      Call-ID: a84b4c76e66710
      CSeq: 314159 INVITE
      Max-Forwards: 70
      Date: Thu, 21 Feb 2002 13:02:03 GMT
      Contact: <sip:alice@pc33.atlanta.com>
      Content-Type: multipart/signed;
        protocol="application/pkcs7-signature";
        micalg=sha1; boundary=boundary42
      Content-Length: 568

      --boundary42
      Content-Type: message/sip

      INVITE sip:bob@biloxi.com SIP/2.0
      Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8
      To: Bob <bob@biloxi.com>
      From: Alice <alice@atlanta.com>;tag=1928301774
      Call-ID: a84b4c76e66710
      CSeq: 314159 INVITE
      Max-Forwards: 70
      Date: Thu, 21 Feb 2002 13:02:03 GMT
      Contact: <sip:alice@pc33.atlanta.com>
      Content-Type: application/sdp
      Content-Length: 147

      v=0
      o=UserA 2890844526 2890844526 IN IP4 here.com
      s=Session SDP
      c=IN IP4 pc33.atlanta.com
      t=0 0
      m=audio 49172 RTP/AVP 0
      a=rtpmap:0 PCMU/8000

      --boundary42
      Content-Type: application/pkcs7-signature; name=smime.p7s
      Content-Transfer-Encoding: base64
      Content-Disposition: attachment; filename=smime.p7s;
         handling=required
Top   ToC   RFC3261 - Page 211
      ghyHhHUujhJhjH77n8HHGTrfvbnj756tbB9HG4VQpfyF467GhIGfHfYT6
      4VQpfyF467GhIGfHfYT6jH77n8HHGghyHhHUujhJh756tbB9HGTrfvbnj
      n8HHGTrfvhJhjH776tbB9HG4VQbnj7567GhIGfHfYT6ghyHhHUujpfyF4
      7GhIGfHfYT64VQbnj756

      --boundary42-

23.4.3 Tunneling Encryption

It may also be desirable to use this mechanism to encrypt a "message/sip" MIME body within a CMS EnvelopedData message S/MIME body, but in practice, most header fields are of at least some use to the network; the general use of encryption with S/MIME is to secure message bodies like SDP rather than message headers. Some informational header fields, such as the Subject or Organization could perhaps warrant end-to-end security. Headers defined by future SIP applications might also require obfuscation. Another possible application of encrypting header fields is selective anonymity. A request could be constructed with a From header field that contains no personal information (for example, sip:anonymous@anonymizer.invalid). However, a second From header field containing the genuine address-of-record of the originator could be encrypted within a "message/sip" MIME body where it will only be visible to the endpoints of a dialog. Note that if this mechanism is used for anonymity, the From header field will no longer be usable by the recipient of a message as an index to their certificate keychain for retrieving the proper S/MIME key to associated with the sender. The message must first be decrypted, and the "inner" From header field MUST be used as an index. In order to provide end-to-end integrity, encrypted "message/sip" MIME bodies SHOULD be signed by the sender. This creates a "multipart/signed" MIME body that contains an encrypted body and a signature, both of type "application/pkcs7-mime".
Top   ToC   RFC3261 - Page 212
   In the following example, of an encrypted and signed message, the
   text boxed in asterisks ("*") is encrypted:

        INVITE sip:bob@biloxi.com SIP/2.0
        Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8
        To: Bob <sip:bob@biloxi.com>
        From: Anonymous <sip:anonymous@atlanta.com>;tag=1928301774
        Call-ID: a84b4c76e66710
        CSeq: 314159 INVITE
        Max-Forwards: 70
        Date: Thu, 21 Feb 2002 13:02:03 GMT
        Contact: <sip:pc33.atlanta.com>
        Content-Type: multipart/signed;
          protocol="application/pkcs7-signature";
          micalg=sha1; boundary=boundary42
        Content-Length: 568

        --boundary42
        Content-Type: application/pkcs7-mime; smime-type=enveloped-data;
             name=smime.p7m
        Content-Transfer-Encoding: base64
        Content-Disposition: attachment; filename=smime.p7m
           handling=required
        Content-Length: 231

      ***********************************************************
      * Content-Type: message/sip                               *
      *                                                         *
      * INVITE sip:bob@biloxi.com SIP/2.0                       *
      * Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 *
      * To: Bob <bob@biloxi.com>                                *
      * From: Alice <alice@atlanta.com>;tag=1928301774          *
      * Call-ID: a84b4c76e66710                                 *
      * CSeq: 314159 INVITE                                     *
      * Max-Forwards: 70                                        *
      * Date: Thu, 21 Feb 2002 13:02:03 GMT                     *
      * Contact: <sip:alice@pc33.atlanta.com>                   *
      *                                                         *
      * Content-Type: application/sdp                           *
      *                                                         *
      * v=0                                                     *
      * o=alice 53655765 2353687637 IN IP4 pc33.atlanta.com     *
      * s=Session SDP                                           *
      * t=0 0                                                   *
      * c=IN IP4 pc33.atlanta.com                               *
      * m=audio 3456 RTP/AVP 0 1 3 99                           *
      * a=rtpmap:0 PCMU/8000                                    *
      ***********************************************************
Top   ToC   RFC3261 - Page 213
        --boundary42
        Content-Type: application/pkcs7-signature; name=smime.p7s
        Content-Transfer-Encoding: base64
        Content-Disposition: attachment; filename=smime.p7s;
           handling=required

        ghyHhHUujhJhjH77n8HHGTrfvbnj756tbB9HG4VQpfyF467GhIGfHfYT6
        4VQpfyF467GhIGfHfYT6jH77n8HHGghyHhHUujhJh756tbB9HGTrfvbnj
        n8HHGTrfvhJhjH776tbB9HG4VQbnj7567GhIGfHfYT6ghyHhHUujpfyF4
        7GhIGfHfYT64VQbnj756

        --boundary42-



(page 213 continued on part 11)

Next Section