Wrong list yet again, use sip-implementors
User name and password policy are out of scope of this draft.
KD is a function defined as
KD(secret, data) = H(concat(secret, ":", data))
No your examples aren't right, "Method" will be the type of Request
being authenticated, otherwise they look fine from a brief scan.
My suggestions would be use the sip-implementors list and not html ;-)
James
Jatupong Arun wrote:
> I'm not clear about authorization Request Header from rfc26173.2.2
> The Authorization Request Header
>
> The client is expected to retry the request, passing an
> Authorization
> header line, which is defined according to the framework above,
> utilized as follows.
>
> credentials = "Digest" digest-response
> digest-response = 1#( username | realm | nonce | digest-uri
> | response | [ algorithm ] | [cnonce] |
> [opaque] | [message-qop] |
> [nonce-count] | [auth-param] )
>
> username = "username" "=" username-value
> username-value = quoted-string
> digest-uri = "uri" "=" digest-uri-value
> digest-uri-value = request-uri ; As specified by HTTP/1.1
> message-qop = "qop" "=" qop-value
> cnonce = "cnonce" "=" cnonce-value
> cnonce-value = nonce-value
> nonce-count = "nc" "=" nc-value
> nc-value = 8LHEX
> response = "response" "=" request-digest
> request-digest = <"> 32LHEX <">
> LHEX = "0" | "1" | "2" | "3" |
> "4" | "5" | "6" | "7" |
> "8" | "9" | "a" | "b" |
> "c" | "d" | "e" | "f"
> request-digest = <"> < KD ( H(A1), unq(nonce-value) ":" H(A2) ) ><">
> if A1 = unq(username-value) ":" unq(realm-value) ":"
> passwd
> where
> passwd = < user's password > A2 = Method ":"
> digest-uri-value???I don't understand 1.user and passwd i must
> recieve from server in the web site 2.what does it mean
> "KD" ???if recieve response from server when register follow this
> messageif i have user = "test1" and password = "test2" and request uri
> = "sipaccount.wcom.com" if( 401 )WWW-Authenticate: Digest realm="MCI
> WorldCom SIP", domain="wcom.com",
> nonce="ea9c8e88df84f1cec4341ae6cbe5a359", opaque="", stale="FALSE",
>
> algorithm="MD5" True or False compute md5 digest is:A1 =test1:MCI
> WorldCom SIP:test2A2=Method:sipaccount.wcom.comrequest-digeist:<KD (
> MD5(A1),"ea9c8e88df84f1cec4341ae6cbe5a359") ":" MD5(A2) )> if( 407
> )Proxy-Authenticate: DIGEST
> realm="WCOM",nonce="7594b47a612e7ff86d314aca4a58280e" True or False
> compute md5 digest is:A1
> =test1:WCOM:test2A2=Method:sipaccount.wcom.comrequest-digeist:<KD (
> MD5(A1),"7594b47a612e7ff86d314aca4a58280e") ":" MD5(A2) )> if have
> some suggestion for me please offer me thanks a lotoossy
_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
