2009/10/7 Juha Heinanen <j...@tutpro.com>: > Iñaki Baz Castillo writes: > > > SIP & XMPP integration is a hack!! > > user simply chooses, based on ua capability, which protocol to use. why > can't the same authentication data be used for both?
Of course both protocols can share the authentication backend (DB/LDAP/Radius...) but the fact is that authentication is done by two servers instead of just one, so issues as nonce reusage and such possible vulnerabilities appear twice in different ways. > > Yes, it's true that until now the only feasible IM and presence > > solution is XMPP, but we are in SIP side! and we must extend the usage > > of SIP for IM and presence (even if implementations are not mature > > yet...). > > this sounds religious and not very practical. Of course, it was a pseudo-joke :) However I think that we cannot rely forever on XMPP to fill the IM&presence requeriments in our VoIP/SIP networks. At some point we have to bet on SIP for IM and presence. Of course, this step requires having a *good* set of specificacions and good server implementations, let's work on it! -- Iñaki Baz Castillo <i...@aliax.net> _______________________________________________ Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
