Trusting SIP

My good friend and colleague with others have for over a year now been working on a trait-based authorization specification for SIP known to some as 'SIP-SAML' . This fulfills the requirements outlined in “Trait-based Authorization Requirements for the Session Initiation Protocol (SIP)”, which specifies bindings and profiles for attribute statements (and assertions) from SAML artifacts. This then informs SIP intermediaries with the necessary material to make policy decisions about handling SIP signals (and the subsequent messages), among other use cases.

I've recently discovered that some have considered applying openID in a (slightly) similar manner for SIP mentioned here.

As the above reference articulates, improvements are required to the base openID architecture to accomplish this. Perhaps a token transformation via Liberty Alliance Authentication Service (pdf) accomplishes this objective.