Archive for the ‘SIP’ Category

New rev of SIP-SAML profile

Tuesday, November 4th, 2008

There’s a new revision of the SIP-SAML profile spec..

SIP SAML Profile and Binding

The key changes in this revision are that we’re aiming for experimental track (for now) due to a subtle-but-important impedance mismatch with the “SIP Identity” spec (RFC 4474, which we build upon), and we’ve add an additional profile to the spec. This new profile simply specifies SAML assertion conveyance “by value” in the body of SIP message(s) rather than “by reference”.

Note that the overall notion of “SIP Identity” has been in-flux over the last year+. Once that set of issues is (hopefully) resolved, then we can do another SIP-SAML spec on the standards track.

Also, the SIP WG co-chairs have called for Working Group Last Call on this -05 revision.

=JeffH sez getcher comments in!

A plug for Gizmo

Thursday, October 5th, 2006

So there’s this bit of software called Gizmo that’s pretty cool, available from It’s a SIP (Session Initiation Protocol) -based “softphone” widget, err.. gizmo, that allows one to make voice calls on the Internet, like VoIP, duh.

Anyway, obvious to anyone who’s paid a lick of attention the past few years, this competes with Skype. Since the Skype folk got a head start in this here land-grab internet property era we’re in, seems many of my colleagues have a skype account, but not many have a Gizmo one. So I’m posting this here to encourage folks to give Gizmo a try. Of course it offers all the features of Skype, and more (much larger concall size is one obvious feature bennie). And it is open-standards-based, as compared to Skype, which is so ridiculously proprietary they even went to enormous lengths to obfuscate their executable code, apparently in order to try stymie reverse-engineering (as I’d written about previously). So anyway, since I favor open-standards-based systems, and work in designing them (eg LDAP, SAML, ID-WSF, and now the SIP-world), I wish more folks would try Gizmo.

The only substantial complaint I’ve heard wrt Gizmo is that it can only register with Gizmo’s own SIP proxy server farms. Well, with the relatively recent version 2.x, this is remedied, and a Gizmo client can register with both the Gizmo proxies, and with any generic (and typically free, in the economic sense) SIP proxy you wish, eg, and, your own open-source Asterisk SIP server at home, or your company’s SIP server.

JeffH sez check it out.

ps: Of course, I’m also very supportive of open source SIP clients — I just haven’t had the time to check them out yet. There are some, though, so take a looksee here, or google for ’em. I’ll have to try some of them out and write about them. There’s also so-called “SIP hardphones” — I just got a SNOM 320 on my desk, and am exploring it. So far it’s pretty cool — although I can’t easily haul it around with me.

SIP-based VoIP client/softphone for PalmOS (e.g. Treo)

Tuesday, May 16th, 2006

see: mobiVoIP

Unfortunately, the beta is oversubscribed. But they do have a “forums” site, so one can “look over the shoulders” of the guinea pigs 😉

“SIP SAML Profile and Binding” Internet-Draft published

Saturday, March 11th, 2006

I recently co-authored a major rewrite of the so-called “SIP SAML” I-D, crafting it into an actual SAMLv2 profile and binding, now (rather plainly) entitled “SIP SAML Profile and Binding”. Here’s the publication announcement: I-D ACTION:draft-tschofenig-sip-saml-05.txt.

Here is the abstract:

This document specifies a Session Initiation Protocol (SIP) profile of Security Assertion Markup Language (SAML) as well as a SAML SIP binding. The defined SIP SAML Profile composes with the mechanisms defined in the SIP Identity specification and satisfy requirements presented in “Trait-based Authorization Requirements for the Session Initiation Protocol (SIP)”.

SIP Identity to be issued as a “Proposed Standard” RFC

Saturday, March 11th, 2006

The “SIP Identity” Internet-Draft, whose lead author is my colleague Jon Peterson, was recently blessed by the IESG and is to be issued as a “Proposed Standard” RFC. Here’s the announcement: Protocol Action: ‘Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)’ to Proposed Standard.