But I think it is hard for User A to have so many authentication information in different
Proxies, just as what you listed, I have one doubt:
A-- PA-- PB-- B
Then in implementation, it would be very difficult, then it would cause
a lot of problems, for example, If A call C with different proxies,
such as A--PA--PC--C, then if this request is passed through different
proxied, A would have the corresponding username and password in
different proxies, in implementation, is it possible?
For example , A is in U.S.A, A calls a user B in Japan, suppose there
is a PA in american , A will be validated in PA, a PB in Japan, then
A has to have corresponding information in PB, how can A register his informaiton
in Proxy B in Japan , use what command?
I think SIP structure can refer H.323, according to my limited knowledge,
I think H.323 only authenticate one GK, there is no need for it to authticate in
different GK!!
This is my opinion!
Best regards!
Yours: Ford
-----Original Message-----
From: Shashidhara S G [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 31, 2001 11:18 AM
To: Ford Cheng (Leela); [EMAIL PROTECTED]
Subject: RE: [Sip-implementors] About the authentication and
authorization in inplementation!!!
HI,
Authentication may be required at the end proxy.
take example
A sends INVITE to B
A is behind proxy PA and B is behind PB
even if A is authenticated from PA, PB wants to authenticate A if is allowed
to enter the domain of PB to reach B.
So Authentication may be required at each proxy
--shashi
-----Original Message-----
From: Ford Cheng (Leela) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 31, 2001 11:46 AM
To: [EMAIL PROTECTED]
Subject: [Sip-implementors] About the authentication and authorization in
inplementation!!!
Dear All:
I have one question to consult, in implementation, about the AAA
for SIP . I think in implementation, there is no need to Authenticate
SIP message for each Proxy.
I think authentication is needed when SIP message pass through
the first Proxy, how to judge it, I think it can be judged from Via headers,
if there are more Via headers, then there is no need to authenticate?
that is , we should think the following SIP Proxies are trusted with IPSEC.
One example is I were a user with account [EMAIL PROTECTED], I send a SIP
message
from the proxy of Yahoo.com, then yahoo.com requires me for authentication,
the following proxy, no matter what it is, in implementation, I think there
is no for
me need to authenticate
Could any one give me some sugestion?
I am looking forwards to getting your reply as soon as possible!
Best regards!
Yours: Ford
