Hi,
Our call scenario involves the following exchange:
INV-
- 401
ACK -
INV With Credentials in Authorization header -
Please let us know if in this scenario,
Is it correct to use the same Request URI from the initial INVITE to form the
INVITE with credentials?
(or)
Is it correct to form the
: Wednesday, July 29, 2009 6:09 AM
To: sip-implementors@lists.cs.columbia.edu
Subject: [Sip-implementors] Query about retrying requests with
Authorization
Hi,
Our call scenario involves the following exchange:
INV-
- 401
ACK -
INV With Credentials in Authorization header -
Please
On Wed, 2009-07-29 at 15:39 +0530, Krishna Rao Gurram wrote:
Hi,
Our call scenario involves the following exchange:
INV-
- 401
ACK -
INV With Credentials in Authorization header -
Please let us know if in this scenario,
Is it correct to use the same Request URI from the initial INVITE to
2009/7/29 Scott Lawrence scott.lawre...@nortel.com:
A 4xx response does not create a dialog, so the retry of the INVITE with
credentials is a new request.
It should however, use the same call-id and from tag that the first
INVITE used (with a higher Cseq).
That's not mandatory, it could use
On Wed, 2009-07-29 at 15:48 +0200, Iñaki Baz Castillo wrote:
2009/7/29 Scott Lawrence scott.lawre...@nortel.com:
A 4xx response does not create a dialog, so the retry of the INVITE with
credentials is a new request.
It should however, use the same call-id and from tag that the first
2009/7/29 Scott Lawrence scott.lawre...@nortel.com:
RFC 3261 section 8.1.1.4 Call-ID:
... Note that when requests are retried after certain
failure responses that solicit an amendment to a request (for
example, a challenge for authentication), these retried requests are
On Wed, 2009-07-29 at 16:13 +0200, Iñaki Baz Castillo wrote:
Wow! what could I reply now...?
(I keep that reply around in canned form - it comes up now and then)
Ok, if it would be a MUST you'd convince me XD (joking)
However, it'd also work even if the client uses a different
2009/7/29 Iñaki Baz Castillo i...@aliax.net:
However, it'd also work even if the client uses a different
call-id/from-tag in the second INVITE (with credentials). For example,
a proxy doesn't store the failed dialog status so when receives an
INVITE with credentials it doesn't check
2009/7/29 Scott Lawrence scott.lawre...@nortel.com:
Not with our system (sipXecs).
In order to make replay attacks more difficult, the nonce that sipXecs
returns is cryptographically bound to the call-id and the from tag; if
you change those for the next try, you'll get another 401.
Does it
On Wed, 2009-07-29 at 16:52 +0200, Iñaki Baz Castillo wrote:
2009/7/29 Scott Lawrence scott.lawre...@nortel.com:
Not with our system (sipXecs).
In order to make replay attacks more difficult, the nonce that sipXecs
returns is cryptographically bound to the call-id and the from tag; if
10 matches
Mail list logo
