Are SIP authentication credentials typically cached across multiple dialogs?

Seems (to me anyway) that RFC 3261 is vague on the subject. It is talked about in Section 22.2:

  Once authentication credentials have been supplied (either directly by the user, or discovered in an internal keyring), UAs SHOULD cache the credentials for a given value of the To header field and "realm" and attempt to re-use these values on the next request for that destination. UAs MAY cache credentials in any way they would like.

Seems the benefit to cache credentials across multiple dialogs is to reduce traffic (can avoid the challenge/response messaging).

Seems a drawback is that the "copy attack" risk associated with digest authentication is increased however. In other words, the longer cached credentials are allowed to be used, the greater the availability for an attacker to use them.

What is the "industry" standard implementation? How do some of the more popular user agent toolkits handle this?

Thanks
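The trade-off raised in the question, as an added example that is not part of the original post and not taken from any toolkit: a UA-side cache keyed on (To URI, realm) as Section 22.2 describes, which reuses the server nonce with an incrementing nonce count and stops reusing it after a maximum age. The class name, the max_nonce_age setting and the sample values are hypothetical; the digest computation follows RFC 2617 and assumes the server offered qop=auth.

```python
import hashlib
import os
import time

def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()

def digest_response(ha1, nonce, nc, cnonce, method, uri):
    # RFC 2617 response for qop=auth: MD5(HA1:nonce:nc:cnonce:qop:HA2)
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

class CredentialCache:
    """Hypothetical UA-side cache keyed by (To URI, realm)."""

    def __init__(self, max_nonce_age=60.0, clock=time.monotonic):
        self.max_nonce_age = max_nonce_age  # assumed policy knob, in seconds
        self.clock = clock
        self.entries = {}

    def store(self, to_uri, realm, username, password, nonce):
        # Called once a challenge for this destination has been answered.
        ha1 = md5_hex(f"{username}:{realm}:{password}")
        self.entries[(to_uri, realm)] = {
            "username": username, "ha1": ha1, "nonce": nonce,
            "nc": 0, "seen": self.clock()}

    def authorize(self, to_uri, realm, method, uri):
        """Return an Authorization value, or None to wait for a challenge."""
        entry = self.entries.get((to_uri, realm))
        if entry is None or entry["nonce"] is None:
            return None
        if self.clock() - entry["seen"] > self.max_nonce_age:
            entry["nonce"] = None  # keep HA1, stop reusing the old nonce
            return None
        entry["nc"] += 1  # a fresh nonce count for every reuse
        nc = f"{entry['nc']:08x}"
        cnonce = os.urandom(8).hex()
        resp = digest_response(entry["ha1"], entry["nonce"], nc, cnonce,
                               method, uri)
        user, nonce = entry["username"], entry["nonce"]
        return (f'Digest username="{user}", realm="{realm}", nonce="{nonce}", '
                f'uri="{uri}", response="{resp}", algorithm=MD5, '
                f'cnonce="{cnonce}", qop=auth, nc={nc}')
```

Because the response covers the method, the request URI and the nonce count, each reuse produces a different Authorization value, and a server that tracks nc can reject a copied one; the age limit bounds how long a single nonce stays in use.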
