Re: [Sip-implementors] authentication, and nonce count

[David Stuart]

Ah, but if the registrar and proxy are the same entity, then it can 
happen yes? In fact, scratch that, it IS happening for me with some 
devices in the field ..

So I find the debate about whether or not it should happen as being 
somewhat academic.. ;)

But I am just wondering what the proper response to this situation is.
[EMAIL PROTECTED] wrote:

following is my opinion:
WWW-Authenticate header is used by UAS to challenge the request.
where as Proxy-Authenticate is used by intermediaries to challenge.
'nonce' by 2 separate entities for challenging, cant be same unless they
are same entities, since the 'nonce' is generated randomly. and 'nonce
count' is always for a 'nonce'.
for the kind of scenario you describe to occur, same entity should
challenge the request with both type of headers, which I do not know
whether it makes a use case. I would think this situation should not occur.
with regards,
Shriniva Shetti
Hughes Software Systems Ltd.

                                                                          
            David Stuart                                                  
            <[EMAIL PROTECTED]                                             
            m>                                                         To 
            Sent by:                  [EMAIL PROTECTED]    
            sip-implementors-                                          cc 
            [EMAIL PROTECTED]                                             
            ia.edu                                                Subject 
                                      [Sip-implementors] authentication,  
                                      and nonce count                     
            08/05/04 10:49 PM                                             
                                                                          
                                                                          
                                                                          
                                                                          
                                                                          


Hi All,
I was wondering about authentication,
There is something called a 'nonce count' which as far as I know is
supposed to 'count' the number of times a nonce has been used.
Can anyone tell me whether this count is supposed to be unique across
both WWW-Authenticate and Proxy-Authenticate? For example, if the same
nonce is used for both headers, what should the count be in the response?
Also, if the same nonce is used twice in the same request (in two
different headers), is the nonce count incremented once, or twice?
--
David Stuart, SIPquest
Email: dave (at) sipquest (dot) com
Phone: 254-8886 x234  Web: http://www.sipquest.com/
Address: 106 - 350 Terry Fox Drive, Kanata Ontario, K2K 2P5
_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
"DISCLAIMER: This message is proprietary to Hughes Software Systems Limited
(HSS) and is intended solely for the use of the individual to whom it is
addressed. It may contain  privileged or confidential information and
should not be circulated or used for any purpose other than for what it is
intended. If you have received this message in error, please notify the
originator immediately. If you are not the intended recipient, you are
notified that you are strictly prohibited from using, copying, altering, or
disclosing the contents of this message. HSS accepts no responsibility for
loss or damage arising from the use of the information transmitted by this
email including damage from virus."
 

--
David Stuart, SIPquest
Email: dave (at) sipquest (dot) com
Phone: 254-8886 x234  Web: http://www.sipquest.com/
Address: 106 - 350 Terry Fox Drive, Kanata Ontario, K2K 2P5

_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors