Skip to Content.
Sympa Menu - Re: [] Kerberos based authentication for SIP

Subject: SIP in higher education

List archive

Re: [] Kerberos based authentication for SIP

Chronological Thread 
  • From: Shumon Huque <>
  • To:
  • Cc: , Prashant Kumar <>, ,
  • Subject: Re: [] Kerberos based authentication for SIP
  • Date: Mon, 3 Apr 2006 12:23:38 -0400
  • Organization: University of Pennsylvania

On Mon, Apr 03, 2006 at 08:59:51AM -0700, Prashant Kumar wrote:
> Sip identity draft is a very good option. However, using the
> Identity draft will not allow the use of Kerboros and will not
> help the existing Kerboros deployments.

Right, that was my point. SIP Identity helps in the general
interdomain authentication case.

I'm in favor of developing a Kerberos based authentication
mechanism that allows SIP user agents to authenticate themselves
to their *local* SIP registrar/proxy servers.

For end2end, Kerberos isn't enough. You additionally need to use
something like SIP identity or some other federated authentication
approach. Or PKI certificates at UAs with a globally trusted CA,
ugh! :-)


Archive powered by MHonArc 2.6.16.

Top of Page