Best of New in Kamailio 3.0.0 - #16: auth sip identity

auth_identity is a new module in Kamailio (OpenSER) 3.0.0 implementing RFC 4474 - Authenticated Identity Management in the Session Initiation Protocol (SIP) - aka SIP Identity.

The RFC defines a mechanism for securely identifying originators of SIP messages, a transitive authentication system, building signature over SIP message body and relevant headers, like From, To, Date, Call-Id, CSeq, Contact.

Among immediate benefits are protection again man-in-the-middle attacks, registration hijacking or Caller ID spoofing.

The module offers two main services:

• authorizer - authorizes a message and adds Identity and Identity-Info headers
• verifier - verifies an authorized message

The readme of the module is available online at:
http://kamailio.org/docs/modules/3.0.x/modules/auth_identity.html

The series continues with: secure and scalable XMLRPC control interface.