Daniel-Constantin Mierla schrieb: > Hello, > > On 11/12/07 13:49, Klaus Darilion wrote: >> Hi! >> >> the ..._challenge() functions support adding the qop=auth to the >> challenge. >> >> This will cause the SIP client to use the nonce count in the digest >> response. Is this nonce count actually used in openser? > it is used :-), but maybe not strictly as standards says. You are right,
Thus, currently there is no security benefit of using qop=auth - correct? regards klaus > should be some stateful handling, right now it just accepts it and uses > to compute the digest response. > > Cheers, > Daniel > >> I guess this would require stateful handling of nonce and nonce-count. >> >> regards >> klaus >> >> _______________________________________________ >> Users mailing list >> Users@lists.openser.org >> http://lists.openser.org/cgi-bin/mailman/listinfo/users >> >> _______________________________________________ Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
