メインコンテンツまでスキップ

5. Security Considerations

This page preserves the RFC text for the section and adds navigation metadata for the documentation site.

RFC Text

5. Security Considerations

The security considerations for these "P-" header fields are defined in [RFC7315]. This specification allows some header fields to be present in messages where they were previously not allowed, and the security considerations and assumptions described in [RFC7315] (e.g., regarding only sending information to trusted entities) also apply to those messages. In addition, this specification also disallows some header fields to be present in messages where they were previously allowed. That does not cause any security issues, but implementors need to be aware that implementations may not have been updated according to this document, and take proper actions if a header field occurs, or does not occur, in a message where it should occur (or occurs in a message where it should not occur). This document adds the ability to include P-Access-Network-Info in ACK requests. As documented in [RFC7315], P-Access-Network-Info may include privacy sensitive information, including the user's location. The security and privacy considerations for P-Access-Network-Info in ACK requests are similar to those for the other SIP requests discussed in Section 6.4 of [RFC7315]. The security and privacy considerations for the P-Visited-Network-ID header field are similar to those for the other SIP responses discussed in Section 6.3 of [RFC7315].