Alpa,
Assuming using the MAC address as username is not an option ( users will probably not like calling '[EMAIL PROTECTED]') you could adopt the convention to use the MAC address as additional input for calculating the digest password. This implies you need to modify / be able to configure the IP phone to do this.
At the provider side, you need to register per username which MAC address they use. Users would still need to provide an additional regular password though, since the MAC address can be easily discovered.
Alternatively, if the requirement is that the MAC address be 'visible' in the REGISTER request, you could add it as a custom parameter to the URI, like so:
REGISTER [EMAIL PROTECTED]; user=phone; mac=12-34-56-78-90-ab
Such a MAC address could be used as additional authentication (i.e. compare it against a database of known MACs per user). It would be less secure than the mac-in-digest convention
In either case, you need control over the IP phone
Regards,
Jeroen
----- Original Message ----- From: "Alpa Ashar" <[EMAIL PROTECTED]>
To: "sip mailing list" <[email protected]>
Sent: Saturday, April 23, 2005 7:02 AM
Subject: [Sip-implementors] MAC address authentication in SIP
Hi All,
I have a question related to following scenario :
A VoIP service provider (uses SIP as signaling protocol) requires MAC address of the IP phone while registering -this is part of the security for access to the service.
Does SIP protocol provide any mechanism to perform MAC address based authentication? If not, then what could be the alternate way of doing this?
Any thoughts/pointers on this will be very helpful.
Thanks, -Alpa
*********************************************************
Disclaimer:
The contents of this E-mail (including the contents of the enclosure(s) or attachment(s) if any) are privileged and confidential material of MBT and should not be disclosed to, used by or copied in any manner by anyone other than the intended addressee(s). In case you are not the desired addressee, you should delete this message and/or re-direct it to the sender. The views expressed in this E-mail message (including the enclosure(s) or attachment(s) if any) are those of the individual sender, except where the sender expressly, and with authority, states them to be the views of MBT.
This e-mail message including attachment/(s), if any, is believed to be free of any virus. However, it is the responsibility of the recipient to ensure that it is virus free and MBT is not responsible for any loss or damage arising in any way from its use
********************************************************
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________ Sip-implementors mailing list [email protected] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
