Module: sip-router Branch: master Commit: 15fdde4fa1d662228568cc92e375d94dd86f2578 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=15fdde4fa1d662228568cc92e375d94dd86f2578
Author: Olle E. Johansson <[email protected]> Committer: Olle E. Johansson <[email protected]> Date: Mon Nov 19 15:53:17 2012 +0100 AUTH minor documentation updates --- modules/auth/README | 11 ++++++----- modules/auth/doc/params.xml | 12 ++++++------ 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/modules/auth/README b/modules/auth/README index fa90d51..a429a53 100644 --- a/modules/auth/README +++ b/modules/auth/README @@ -443,15 +443,16 @@ modparam("auth", "otn_in_flight_order", 23) # 8 Mb (1Mb memory) 1.3.10. secret (string) - Secret phrase used to calculate the nonce value. The default is to use - a random value generated from the random source in the core. + Secret phrase used to calculate the nonce value used to challenge the + client for authentication. If you use multiple servers in your installation, and would like to authenticate on the second server against the nonce generated at the first one its necessary to explicitly set the secret to the same value - on all servers. However, the use of a shared (and fixed) secret as - nonce is insecure, much better is to stay with the default. Any clients - should send the reply to the server that issued the request. + on all servers. However, as the use of a shared (and fixed) secret as + nonce is insecure, it is much better is to stay with the default. Any + clients should send the authenticated request to the server that issued + the challenge. Default value is randomly generated string. diff --git a/modules/auth/doc/params.xml b/modules/auth/doc/params.xml index 2fd35ba..f9c1f8a 100644 --- a/modules/auth/doc/params.xml +++ b/modules/auth/doc/params.xml @@ -548,15 +548,15 @@ modparam("auth", "otn_in_flight_order", 23) # 8 Mb (1Mb memory) <section id="auth.secret"> <title><varname>secret</varname> (string)</title> - <para>Secret phrase used to calculate the nonce value. - The default is to use a random value generated from the random source - in the core.</para> + <para>Secret phrase used to calculate the nonce value used to challenge + the client for authentication.</para> <para>If you use multiple servers in your installation, and would like to authenticate on the second server against the nonce generated at the first one its necessary to explicitly set the secret to the same value - on all servers. However, the use of a shared (and fixed) secret as - nonce is insecure, much better is to stay with the default. Any - clients should send the reply to the server that issued the request. + on all servers. However, as the use of a shared (and fixed) secret as + nonce is insecure, it is much better is to stay with the default. Any + clients should send the authenticated request to the server that + issued the challenge. </para> <para> Default value is randomly generated string. _______________________________________________ sr-dev mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
