Arjun Nair wrote: > Scott Lawrence wrote: >> On Fri, 2008-10-24 at 14:46 -0400, Dale Worley wrote: >>> I'm not convinced that anyone *uses* out-of-dialog REFERs, despite the >>> number of times I have seen mechanisms proposed in the IETF that use >>> them. But it's clear that if someone uses o.o.d. REFER for something, >>> the mechanism should require authentication (otherwise it would be quite >>> a security problem). So I vote for authenticating o.o.d. REFER. >> Agreed. I think we should have a short list of methods that allowed >> out-of-dialog (OPTIONS, at least) without challenge. All others should >> be challenged if they have on of our identities in the From header. >> > > > OK, I will go ahead with this implementation. As of now we only have REGISTER > and OPTIONs method that will challenged, even if they are out-of-dialog. > > Arjun
Sorry, that was meant to read " *WILL NOT* be challenged".. _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev
