Reposting the query, hoping to receive a response this time :-) I believe some others too have this confusion (I remember Attila posting a similar query some time back), so any pointers will be appreciated. Thanks in advance, Subhash Nayak Hughes Software Systems http://www.hssworld.com ============================================================ Hi, Quoting bis-09 (Line 4860-4861) : "UACs creating an ACK message will duplicate all of the Authorization and Proxy-Authorization header field values that appeared in the INVITE to which the ACK corresponds." My interpretation of the above is (Correct me if i am wrong): a. The method used to compute the response digest in the ACK request should be "INVITE" and not "ACK". b. The nonce-count in the ACK should be the same as that of INVITE though it is a different transaction. In other words, is it that servers are not supposed to treat such requests as replay attacks even though a previous request arrived with the exact same nonce-count ? This is fine in case of stateful proxies, but are stateless proxies also expected to maintain such state information to determine whether the ACK credentials are valid ? ============================================================ This message is proprietary to Hughes Software Systems Limited (HSS) and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. HSS accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
