List:
I am having a question about SIP dialog validation using src/dst ip. If there is established sip dialog between 'A' & 'B' then can 'C' who is not party to existing dialog and who somehow knows all sip dialog identifiers (Call-ID, To/From Tags) of the dialog between 'A' & 'B', sends target refresh request with its own IP in contact. This is a typical call hijacking case. If this is valid how to avoid that? Is Authentication is only way out or do we have other alternate as well? I didn't find anything on this in 3261 or other related RFCs. Thanks K$ _______________________
_______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
