The session initiation protocol (SIP) is rapidly becoming the signaling protocol of choice in both enterprise and service provider environments. Service providers will soon begin peering with one another or via third party brokers to meet the demands of their subscribers. This peering will involve SIP user agents on both sides of a service provider-to-service provider interface, both of which will have a need to authenticate the other for security reasons.
In past SIP systems, the user agent that was requesting the services of another user agent could not initiate authentication of the other user agent. The user agent requesting the services is referred to in the art as a user agent client (UAC), and the user agent receiving the request is called the user agent server (UAS).
Past SIP authentication mechanisms, borrowed from HTTP, work well in smaller voice over internet protocol (VoIP) scenarios where the server is implicitly trusted and where the client is the untrusted entity, but can be inadequate in cases where the relationship between the UAS and UAC is a peer-to-peer relationship between coequals, such as the relationship between two telephony service providers. In these cases where the UAS and UAC are peers, past SIP systems may leave UACs less secure.