| Abstract
|
Digest authentication (as defined in RFC2617) is used in SIP
(RFC3261) for user authentication, and less frequently for message
integrity of MIME bodies carried in SIP. Various members of the IETF
security community have periodically suggested that Digest should be
deprecated in favor of the SIP use of S/MIME (RFC2633), support for
which was recently introduced in RFC3261. The author seeks clarity
from the IETF security community on behalf of the SIP community about
the feasibility and possible benefits of using S/MIME instead of
Digest in one or both of these applications.
|
