SIP is a client-server protocol. All the message transactions in SIP are 2-way except INVITE transaction. Here INVITE transaction has been defined 3-way for different reasons (Both the users must be sure the connection establishment before media exchange)
There is no way to report success/failure about the response authentication as part of the same transaction. Hence response authentication is not supported. If the UAS wants to be sure about the authenticity of the UAC (no auth parameters / auth parameters in request are stale). then It can challenge the request through 401 error code. Reply to challenge in 401, shall be carried through new transaction. Even proxy can also do similar, through 407 response. Thanks, Nataraju A B On Sun, Apr 15, 2012 at 8:02 PM, Vineet Menon <[email protected]>wrote: > Ho Olle, > > So, is that the issue with not being able to authnticate response messages, > that how to convey the sender that one is unable to say whether he was able > to auth. the response??? > > I thought it would be regarding something else in the protocol..... > > Anyways, can't it be done that UAC sends an Option message to indicate > this?? > > Regards, > > Vineet Menon > > > > > On 15 April 2012 15:03, Olle E. Johansson <[email protected]> wrote: > > > > > 14 apr 2012 kl. 16:34 skrev Vineet Menon: > > > > > Hi, > > > > > > I was going thru RFC 4474 which talks about certificate based > > > authentication in SIP. Page no 5 says that the scope of this rfc is > only > > in > > > authenticating request messages. > > > It says that response messages cannot be authenticated based on this > > > mechanism. WHy is it so? > > > > > > Response message too have headers and can he hashed as well... > > > > > How would you respond that you could not authenticate the response? > > > > /O ;-) > > > > > _______________________________________________ > Sip-implementors mailing list > [email protected] > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors > -- Thanks, Nataraju A.B. _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
