I have the following question on 22.3 (page 198) of RFC3261. " It is possible for multiple challenges associated with the same realm to appear in the same 401 (Unauthorized) or 407 (Proxy Authentication Required). This can occur, for example, when multiple proxies within the same administrative domain, which use a common realm, are reached by a forking request. When it retries a request, a UAC MAY therefore supply multiple credentials in Authorization or Proxy-Authorization header fields with the same "realm" parameter value. The same credentials SHOULD be used for the same realm."
I am unable to see the validity of the last statement. If a request, due to forking, reaches two different proxies in a particular admin domain and they each challenged the UAC with a different nonce, how can the credentials be the same on the two Authorization headers for that realm? Or, is this intended to say that proxies in one admin domain should ensure they generate the same nonce based on the call-id? _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
