Hi Geeks, While exploring further I found a draft explaining elliptic curve secure remote protocol (*EC-SRP*) for SIP authentication https://tools.ietf.org/html/draft-liu-sipcore-ec-srp5-03
This explanation seems align with my requirements of not storing password in database. UAC and UAS both should support EC-SRP. Do we have any road-map of opensips implementing of EC-RSP or similar authentication mechanism? I will check the same with PJSIP because i couldn't find any traces on their forum as well. -- regards, abdul basit On Wed, Mar 8, 2017 at 9:53 PM, Abdul Basit <[email protected]> wrote: > Hi Bogdan, > > I am using PJSIP as UAC and Opensips as UAS with radius for AAA. > I wanted to avoid getting into the code but let me check the flexibility. > > Thank you for your reply :) > > -- > regards, > > abdul basit > > On Wed, Mar 8, 2017 at 1:34 AM, Bogdan-Andrei Iancu <[email protected]> > wrote: > >> Hi Abdul, >> >> Besides the digest auth, there is no other standard auth mechanism for >> SIP, AFAIK. >> >> If you have control over the SIP UAC, of course, you could try to build >> your own auth mechanism - OpenSIPS offers enough flexibility in terms of >> both header manipulation and data computing. >> >> Regards, >> >> Bogdan-Andrei Iancu >> OpenSIPS Founder and Developer >> http://www.opensips-solutions.com >> >> OpenSIPS Summit May 2017 Amsterdam >> http://www.opensips.org/events/Summit-2017Amsterdam.html >> >> On 03/07/2017 10:26 AM, Abdul Basit wrote: >> >> Hi, >> >> I have a scenario where I will create password HASH = SALT + STRING and >> save SALT and resulted HASH only in DB. >> >> I will transport random STRING value to my custom sip application as >> password. >> >> Digest authentication is not comply with this requirement. >> >> Is that any supported authentication mechanism that can fulfill this >> requirement. >> or is there any more appropriate authentication mechanism by >> opensips/kamailio? >> >> One of the objectives is in case DB will compromise, users passwords will >> not available because random STRING will not store in DB. >> >> Looking forward for suggestions and comments. >> >> -- >> regards, >> >> abdul basit >> >> >> _______________________________________________ >> Users mailing >> [email protected]http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> >> >> >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
