SIP URI scheme

The SIP URI scheme is a Uniform Resource Identifier (URI) scheme for the Session Initiation Protocol (SIP) multimedia communications protocol. A SIP address is a URI that addresses a specific telephone extension on a voice over IP system. Such a number could be a private branch exchange or an E.164 telephone number dialled through a specific gateway. The scheme was defined in RFC 3261.

Operation

A SIP address is written in user@domain.tld format in a similar fashion to an email address. An address like:

sip:1-999-123-4567@voip-provider.example.net

instructs a SIP client to use the NAPTR and SRV schemes to look up the SIP server associated with the DNS name voip-provider.example.net and connect to that server. If those records are not found, but the name is associated with an IP address, the client will directly contact the SIP server at that IP address on port 5060, by default using the UDP transport protocol. [1] It will ask the server (which may be a gateway) to be connected to the destination user at 1-999-123-4567. The gateway may require the user to REGISTER using SIP before placing this call. If a destination port is provided as part of the SIP URI, the NAPTR/SRV lookups are not used; rather, the client directly connects to the specified host and port.

As a SIP address is text, much like an e-mail address, it may contain non-numeric characters. As the client may be a SIP phone or other device with just a numeric, telephone-like keypad, various schemes exist to associate an entirely numeric identifier to a publicly reachable SIP address. These include the iNum Initiative (which issues E.164-formatted numbers, where the corresponding SIP address is the number '@sip.inum.net'), SIP Broker-style services (which associate a numeric *prefix to the SIP domain name) and the e164.org and e164.arpa domain name servers (which convert numbers to addresses one-by-one as DNS reverse-lookups).

SIP addresses may be used directly in configuration files (for instance, in Asterisk (PBX) installations) or specified through the web interface of a voice-over-IP gateway provider (usually as a call forwarding destination or an address book entry). Systems which allow speed dial from a user's address book using a vertical service code may allow a short numeric code (like *75xx) to be translated to a pre-stored alphanumeric SIP address.

Spam and security issues

In theory, the owner of a SIP-capable telephone handset could publish a SIP address from which they could be freely and directly reached worldwide, in much the same way that SMTP e-mail recipients may be contacted from anywhere at almost no cost to the message sender. Anyone with a broadband connection could install a softphone (such as Ekiga) and call any of these SIP addresses for free.

In practice, various forms of network abuse are discouraging creation and publication of openly reachable SIP addresses:

In the server logs, this looks like:

[Oct 23 15:04:02] NOTICE[4539]: chan_sip.c:21614 handle_request_invite: Call from '' to extension '011972599950423' rejected because extension not found in context 'default'.
[Oct 23 15:04:04] NOTICE[4539]: chan_sip.c:21614 handle_request_invite: Call from '' to extension '9011972599950423' rejected because extension not found in context 'default'.
[Oct 23 15:04:07] NOTICE[4539]: chan_sip.c:21614 handle_request_invite: Call from '' to extension '7011972599950423' rejected because extension not found in context 'default'.
[Oct 23 15:04:08] NOTICE[4539]: chan_sip.c:21614 handle_request_invite: Call from '' to extension '972599950423' rejected because extension not found in context 'default'.

This is an attempt to call a Palestinian mobile telephone (Israel, country code +972) by randomly trying 9- (a common code for an outside line from an office PBX), 011- (the overseas call prefix in the North American Numbering Plan) and 7- (on the off-chance a PBX is using it instead of 9- for an outside line). Security tools such as firewalls or fail2ban must therefore be deployed to prevent unauthorised outside call attempts; many VoIP providers also disable overseas calls to all but countries specifically requested as enabled by the subscriber.
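One way to surface this pattern from the log, as an added example that is not part of the original article: it parses chan_sip rejection lines and flags any number that was retried behind several of the dial-out prefixes named above. The sample lines are constructed in the quoted format with made-up numbers; the function names, prefix list and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the chan_sip NOTICE format quoted above (numbers are made up).
_T = ("[Oct 23 15:%s] NOTICE[4539]: chan_sip.c:21614 handle_request_invite: "
      "Call from '' to extension '%s' rejected because extension not found "
      "in context 'default'.")
SAMPLE_LOG = "\n".join(_T % row for row in [
    ("04:02", "011442079460000"),
    ("04:04", "9011442079460000"),
    ("04:07", "7011442079460000"),
    ("04:08", "442079460000"),
    ("09:30", "92001"),   # one misdial with an outside-line 9: not a scan
    ("09:31", "2001"),
])

LINE_RE = re.compile(
    r"^\[[^\]]+\] NOTICE\[\d+\]: chan_sip\.c:\d+ handle_request_invite: "
    r"Call from '[^']*' to extension '(?P<ext>[^']+)' rejected "
    r"because extension not found in context '[^']+'"
)
# Assumed prefix set: outside line (9, 7), NANP overseas prefix (011), and both combined.
DIAL_PREFIXES = {"9", "7", "011", "9011", "7011"}

def rejected_extensions(log_text):
    """Return every extension named in a 'rejected ... not found' line."""
    found = (LINE_RE.match(line) for line in log_text.splitlines())
    return [m.group("ext") for m in found if m]

def find_prefix_guessing(log_text, min_prefixes=3):
    """Map each base number to the dial-out prefixes it was retried with."""
    exts = set(rejected_extensions(log_text))
    variants = defaultdict(set)
    for ext in exts:
        for base in exts:
            # ext is 'prefix + base' for a known dial-out prefix
            if ext.endswith(base) and ext[:-len(base)] in DIAL_PREFIXES:
                variants[base].add(ext[:-len(base)])
    return {base: sorted(p) for base, p in variants.items()
            if len(p) >= min_prefixes}

if __name__ == "__main__":
    for base, prefixes in find_prefix_guessing(SAMPLE_LOG).items():
        print(f"prefix guessing against {base}: tried {', '.join(prefixes)}")
```

Lines in this format carry no source address, so the firewall or fail2ban rule still needs the peer address from another log field or source.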

SIPS URI scheme

The SIPS URI scheme adheres to the syntax of the SIP URI, differing only in that the scheme is sips rather than sip. The default Internet port address for SIPS is 5061 unless explicitly specified in the URI.

SIPS allows resources to specify that they should be reached securely. It mandates that each hop over which the request is forwarded up to the target domain must be secured with TLS. The last hop from the proxy of the target domain to the user agent has to be secured according to local policies.

SIPS protects against attackers who try to listen in on the signaling link. It does not provide real end-to-end security, since encryption is only hop-by-hop and every single intermediate proxy has to be trusted.
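The lookup rules from the Operation section and the SIPS defaults above, combined in one added example that is not code from the original article. `resolution_plan` and `Plan` are hypothetical names, the grammar is simplified, and the literal-IP rule and `;transport=` handling follow RFC 3263 rather than this page.

```python
import re
from typing import NamedTuple, Optional

# Simplified grammar: scheme:[user@]host[:port][;params][?headers]
URI_RE = re.compile(
    r"^(?P<scheme>sips?):(?:(?P<user>[^@]+)@)?"
    r"(?P<host>\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9.-]+)"
    r"(?::(?P<port>\d{1,5}))?(?P<params>(?:;[^;?]*)*)(?:\?.*)?$",
    re.IGNORECASE,
)
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

class Plan(NamedTuple):
    user: Optional[str]
    host: str
    port: int
    transport: str       # first-hop transport
    naptr_srv: bool      # True: NAPTR/SRV lookups happen before connecting
    tls_every_hop: bool  # True for sips: each hop to the target domain uses TLS

def resolution_plan(uri: str) -> Plan:
    """Describe how a client would reach the server named by a SIP/SIPS URI."""
    m = URI_RE.match(uri.strip())
    if m is None:
        raise ValueError(f"not a SIP/SIPS URI: {uri!r}")
    secure = m["scheme"].lower() == "sips"
    host = m["host"]
    literal_ip = host.startswith("[") or IPV4_RE.fullmatch(host) is not None
    # Defaults from the text: 5060 for sip, 5061 for sips.
    port = int(m["port"]) if m["port"] else (5061 if secure else 5060)
    if not 0 < port <= 65535:
        raise ValueError(f"port out of range: {port}")
    # An explicit ;transport= parameter overrides the UDP default for sip:
    params = dict(p.partition("=")[::2]
                  for p in m["params"].lower().split(";") if p)
    transport = "TLS" if secure else params.get("transport", "udp").upper()
    # Explicit port (per the text) or literal IP (RFC 3263): skip NAPTR/SRV.
    naptr_srv = m["port"] is None and not literal_ip
    return Plan(m["user"], host, port, transport, naptr_srv, secure)

if __name__ == "__main__":
    for uri in ("sip:1-999-123-4567@voip-provider.example.net",
                "sip:1-999-123-4567@voip-provider.example.net:5080",
                "sips:1-999-123-4567@voip-provider.example.net"):
        print(uri, "->", resolution_plan(uri))
```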
