On 03/10/2011 11:36 AM, Evgeniy Khramtsov wrote: > From the RFC (3261 and 2617) it is unclear for me whether the "uri" > parameter (aka digest-uri) in the WWW-Authorization or > Proxy-Authorization header is case-insensitive or not. For instance, are > URIs uri="sip:user@domain" and uri="sip:USER@domain" equal or not? > <http://tools.ietf.org/html/rfc2617>
RFC 2617 is not specific about this. Although SIP treats user portion of a uri as case insensitive, RFC 2617 seems to indicate that the comparison between the digest uri is an opaque comparison against the request-uri. I guess the principle "*Be strict in what you send, but generous in what you receive*" applies here. But then this is a security matter and some may argue that would be a bad idea. I would be interested if someone can nail a text in an RFC somewhere that nails this. _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
