Hi. I have bumped into Question #19 from http://www.sipknowledge.com/SIP_Dev_Expert_Exam_Linked_from_most_wanted_ 42.htm. They ask there about possible cases when SIP client may get authenticated by a server. This makes me wonder: There does not seem to be a current way to authenticate a called party by a proxy right? (as the proxy-authenticate header may be used only in 4xx responses but not in INVITE), so we need to trust the registrar that it fulfilled its authentication job. But what if we like to keep registration interval very large (e.g. for sake of saving battery's life, keeping network quiet)? How can one make sure the security of the phone was not compromised at the meantime? -uri _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
