> Hi, RFC 3261 says: > > ------------------------ > 17.2.3 Matching Requests to Server Transactions > The request matches a transaction if: > > 1. the branch parameter in the request is equal to the > one in the > top Via header field of the request that created the > transaction, and > > 2. the sent-by value in the top Via of the request is > equal to the > one in the request that created the transaction, and > > 3. the method of the request matches the one that created the > transaction, except for ACK, where the method of the request > that created the transaction is INVITE. > ------------------------ > > Does someone really implement the point 2?
Yes. <snip> > Well, IMHO it's not neccesary *at all* to match > the point 2, it's completely enough with > points 1 and 3. What do you thing? The reason for 2 is subsequently discussed within the same section: "The sent-by value is used as part of the matching process because there could be accidental or malicious duplication of branch parameters from different clients." Because the Via sent-by can be spoofed as easily as branch, the benefit is mainly associated with accidental duplication. _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
