sorry some typo
first line reads like this
you mean to say proxy is sending one invite to a UAS? and Proxy wants to
challenge this UAS also?
From: "vimal srivastava" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [email protected]
Subject: RE: [Sip-implementors] Authenticating an incoming SIP call
Date: Thu, 13 Oct 2005 15:17:37 -0400
you mean to say proxy is sending one invite to a UAC? and Proxy wants to
challenge this UAC also?
UAC--------INVITE------------> PROXY-------------------INVITE----------UAS
Proxy can challenge only UAC not UAS.
UAS can challenge proxy as well as UAC
this is how it works.
now UAC can include authorization header in the invite itself so that it
does not receive 401 from UAS or 407 from proxy
thats what i meant.
cheers!!
From: "Shikhar Sarkar" <[EMAIL PROTECTED]>
To: <[email protected]>
Subject: RE: [Sip-implementors] Authenticating an incoming SIP call
Date: Thu, 13 Oct 2005 14:15:27 -0400
Vimal,
Did you get my question? I am talking about an incoming call scenario when
say the SIP proxy sends Invite to the SIP client (e.g. my SIP phone). The
SIP proxy wants to challenge the SIP client to make sure the call is not
delivered to a fake entity. How does your comment fit in this scenario?
Or I am missing some basic understanding? Please help.
Shikhar
-----Original Message-----
From: vimal srivastava [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 13, 2005 1:54 PM
To: [EMAIL PROTECTED]; [email protected]
Subject: RE: [Sip-implementors] Authenticating an incoming SIP call
yes, registration alone does not suffice. in the invite you should include
authorization header. if you dont then, you can be challenged by 401 or
407. more over you might end up encoding multiple authorization header for
different nodes in between :)
cheers
From: "Shikhar Sarkar" <[EMAIL PROTECTED]>
To: <[email protected]>
Subject: RE: [Sip-implementors] Authenticating an incoming SIP call
Date: Thu, 13 Oct 2005 13:01:39 -0400
Guys,
This discussion is going interesting. One group of people responded saying
"Yes possible", and the other said "It's not". The end result is that I am
very confused now.
I am trying to figure out a way in which I can challenge the SIP endpoint
before delivering a call to it. The endpoint has already registered and
passed authentication. But, when delivering an incoming call, if I want
additionally to make sure that the call is not delivered to a spoofer, is
there a way to authenticate the user? I am talking about something similar
that happens in the cellular world.
Shikhar
-----Original Message-----
From: Asheesh Joshi [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 13, 2005 1:57 AM
To: 'Shikhar Sarkar'; [email protected]
Subject: RE: [Sip-implementors] Authenticating an incoming SIP call
Yes... Authentication challenge can happen for any request except
CANCEL and ACK
Authentication mechanism is the Digest Authentication.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shikhar
Sarkar
Sent: Thursday, October 13, 2005 4:25 AM
To: [email protected]
Subject: [Sip-implementors] Authenticating an incoming SIP call
Guys,
Is there a way to authenticate a SIP user for incoming call scenario such
as:
IAM Invite
SS7----------->Softswitch------------->WiFi SIP device
The WiFi SIP device of course has already registered with Softswitch. But is
that enough to assume that there is no clone/eavesdropper? I am wondering
why I always see 401/407 challenges always opposite to the direction of
Invite. Is there a way to include Authentication challenge in the Invite
itself?
Please throw some light.
Shikhar
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
