Authenticated Identity Body
From Wikipedia, the free encyclopedia
Authenticated Identity Body or AIB is a way of sharing authenticated identity among parties in a network, allowing a party in a SIP transaction to cryptographically sign the headers that assert the identity of the originator of a message, and provide some other headers necessary for reference integrity.
ABI is described and discussed in RFC 3893.
As said in RFC 3983: "For reasons of end-to-end privacy, it may also be desirable to encrypt AIBs [...] While encryption of AIBs entails that only the holder of a specific key can decrypt the body, that single key could be distributed throughout a network of hosts that exist under common policies. The security of the AIB is therefore predicated on the secure distribution of the key. However, for some networks (in which there are federations of trusted hosts under a common policy), the widespread distribution of a decryption key could be appropriate. Some telephone networks, for example, might require this model. When an AIB is encrypted, the AIB should be encrypted before it is signed."