>> Subash
>> RFC3261 says that generally, the CANCEL will be accepted
>> by a server as long as it comes from the same previous hop
>> as the original request. It does not state that CANCEL
>> SHOULD or MUST be sent without credentials.
You are right about that...but i remember that this was an open
issue during the early bis revisions (around 05-06) and the
resolution was that elements must not challenge CANCEL requests.
Ofcourse, this does not forbid you from inserting credentials in
CANCEL but i was trying to get at the fact that it would not
be used by any element anyway.
>> By previous hop, I assume the reference is to the VIA
>> header, right? Since this can be easily spoofed, it
>> is not very secure.
Previous hop refers to the source IP of the request IMO. If
the source IP of the CANCEL is same as the source IP of the
INVITE, that would validate the CANCEL.
>> Anyway, my question was that if the CANCEL originated at
>> a UAC (not a proxy), it can be sent with credentials. In
>> this case, the credentials can be validated. In a
>> proxyless network(!), this technique can be used, instead
>> of the previous hop validation using the VIA header.
>> In such a case, should the nc-value be incremented? I
>> think the answer is yes.
I'm not sure about this. For ACK to INVITE requests, the RFC
says that one should copy the Auth headers from the INVITE
(i.e. don't increment nc-value or recompute the response-digest).
Regards,
Subhash.
_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
