Prototyping a New Identity Authentication Framework for IP Telephony

This paper describes a prototype of a new authentication paradigm using X.509 certificates but with a new trust model. This paradigm provides a scalable anti-phishing solution to identity management helping legal entities such as government or businesses. This paradigm explicitly gives up the goal of 'global trust' - trust is always 'local'. In everyday life, a user cares only about specific communities, so the idea is to provide necessary and sufficient identification to a particular user. By explicitly limiting the scope of trust we reduce the complexity inherent to the management of certified identities. We present a prototype including certificate management and authentication modules that were integrated with a VoIP application.