-mukul
David Stuart wrote:
This Nonce is one which was received in a challange, and this could not be same for two challanges (Assuming it was quite random and very little probability that two machines generate same nonce). These challanges may be for Proxy(Proxy-Authenticate), as well as for UAS(WWW-Authenticate).Hi All,
I was wondering about authentication,
There is something called a 'nonce count' which as far as I know is supposed to 'count' the number of times a nonce has been used.
This header is required for multiple proxy Authentication. Check out the scenario is given in RFC 3665 (SIP Basic Call Flow Examples), Section 3.3.
nonce-count is not used in the mesaages there. Here are the relevant messages with nonce-count header included (This is just for explanation, and according to RFC 2617, it must not be included as no qop directive was received in the challange).
F4 ::
INVITE sip:[EMAIL PROTECTED] SIP/2.0
Via: SIP/2.0/UDP client.atlanta.example.com:5060;branch=z9hG4bK74b21
Max-Forwards: 70
Route: <sip:ss1.atlanta.example.com;lr>
From: Alice <sip:[EMAIL PROTECTED]>;tag=9fxced76sl
To: Bob <sip:[EMAIL PROTECTED]>
Call-ID: [EMAIL PROTECTED]
CSeq: 2 INVITE
Contact: <sip:[EMAIL PROTECTED]>
Proxy-Authorization: Digest username="alice",
realm="atlanta.example.com",
nonce="wf84f1ceczx41ae6cbe5aea9c8e88d359", opaque="",
uri="sip:[EMAIL PROTECTED]", nc=00000001,
response="42ce3cef44b22f50c6a6071bc8"
Content-Type: application/sdp
Content-Length: 151
F10 ::
ACK sip:[EMAIL PROTECTED] SIP/2.0
Via: SIP/2.0/UDP client.atlanta.example.com:5060;branch=z9hG4bK74b21
Max-Forwards: 70
From: Alice <sip:[EMAIL PROTECTED]>;tag=9fxced76sl
To: Bob <sip:[EMAIL PROTECTED]>;tag=838209
Call-ID: [EMAIL PROTECTED] CSeq: 2 ACK
Proxy-Authorization: Digest username="alice",
realm="atlanta.example.com",
nonce="wf84f1ceczx41ae6cbe5aea9c8e88d359", opaque="",
uri="sip:[EMAIL PROTECTED]", nc=00000002,
response="42ce3cef44b22f50c6a6071bc8"
Content-Length: 0
F11 ::
INVITE sip:[EMAIL PROTECTED] SIP/2.0
Via: SIP/2.0/UDP client.atlanta.example.com:5060;branch=z9hG4bK74bf9
Max-Forwards: 70
From: Alice <sip:[EMAIL PROTECTED]>;tag=9fxced76sl
To: Bob <sip:[EMAIL PROTECTED]>
Call-ID: [EMAIL PROTECTED]
CSeq: 3 INVITE
Contact: <sip:[EMAIL PROTECTED]>
Proxy-Authorization: Digest username="alice",
realm="atlanta.example.com",
nonce="wf84f1ceczx41ae6cbe5aea9c8e88d359", opaque="",
uri="sip:[EMAIL PROTECTED]",nc=00000003,
response="42ce3cef44b22f50c6a6071bc8"
Proxy-Authorization: Digest username="alice",
realm="biloxi.example.com",
nonce="c1e22c41ae6cbe5ae983a9c8e88d359", opaque="", nc=00000001,
uri="sip:[EMAIL PROTECTED]", response="f44ab22f150c6a56071bce8"
Content-Type: application/sdp
Content-Length: 151...
Can anyone tell me whether this count is supposed to be unique across both WWW-Authenticate and Proxy-Authenticate? For example, if the same nonce is used for both headers, what should the count be in the response?
Also, if the same nonce is used twice in the same request (in two different headers), is the nonce count incremented once, or twice?
_______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
