Hi, I have query regarding challenge response mechanism (digest authentication, MD5) in SIP as follows:
A and B are SIP clients registered with B2BUA. A calls B and sends INVITE to B2BUA. B2BUA challenges INVITE with response 407 Auth. A again sends the INVITE with authentication header (say H1) and required credentials to B2BUA. B2BUA sends this INVITE to B. B has a capability to challenge the INVITE (like Linksys 3102 etc). So, B sends the response 407 Auth. to B2BUA. B2BUA passes this response viz 407 to A. A again generates the INVITE with authentication header (say H2) and sends it to B2BUA. Now my question is 'What should be the implementation in A regarding Authentication Header. Should A includes only authentication header H2 in INVITE or both H1 and H2?' In both the cases whether A includes H1 or H1 and H2 as Authentication Header in INVITE, what should be the implementation in B2BUA when received this INVITE from A since B2BUA has already been authenticate the caller viz A?? Is any RFC describing this scenario? Thanks and Kind Regards, Vivek _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
