2011/12/6 Brett Tate <[email protected]>: > The following are some questions concerning SIP Digest MD5 Authorization. > > 1) Are UTF8-NONASCII allowed within username and realm? Based upon the ABNF, > it appears to be yes. However since SIP authentication is based upon the > HTTP specs (such as rfc2617 and rfc2616), I'm not sure if the SIP ABNF > changes to include UTF8-NONASCII was intentional concerning the topic. More > specifically, I not sure if the rfc2616 TEXT snippet (or something else) > somehow prevents UTF8-NONASCII. > > 2) Can the password used within Digest MD5 authentication calculation include > UTF8-NONASCII?
> 3) If quoted-string username contains useless and required escaping of > characters, is the escaped or un-escaped username supposed to be used within > the calculation? I assume the un-escaped username; however I thought I'd ask > for completeness. If the username and realm fields allow UTF8-NONASCII symbols, why to use hex-.escaped symbols? :) -- Iñaki Baz Castillo <[email protected]> _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
