In a SIP 401 Unauthorized message from a proxy,
you will get a "WWW-Authenticate" field like this:
WWW-Authenticate: Digest realm="AnyCom",
nonce="e519c3d7920e9d0b13aefd1abb5b15868e7d6fab26",
opaque="1234567890abcedef",
stale=false,
algorithm=MD5,
qop="auth, auth-int"
And in a response, you'd get something like this:
Authorization:Digest username="user1",
realm="AnyCom",
nonce="e519c3d7920e9d0b13aefd1abb5b15868e7d6fab26",
uri="can_this_be_anything?",
qop=auth-int,
nc=00000001,
cnonce="can_this_also_be_anything?",
response="a_calculated_response",
opaque="1234567890abcedef"
I realise that the "response" value has to be calculated exactly.
And I realise the user agent has to use the URI and the CNonce
to calculate the "response" value.
But my questions are:
Does a proxy care what quoted string you use in the URI field?
Does a proxy care what quoted string you use in cnonce?
Thanks,
Attila Sipos
<mailto:[EMAIL PROTECTED]>
<http://www.vegastream.com>
_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
