Hi Abdul,
I see that's a draft, so hard to judge on how far it will get. And
something like this is not on our roadmap, maybe because of its very,
very low priority in terms of needs. Do you have any idea if anyone
actually implemented this ?
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
OpenSIPS Summit May 2017 Amsterdam
http://www.opensips.org/events/Summit-2017Amsterdam.html
On 03/09/2017 12:37 PM, Abdul Basit wrote:
Hi Geeks,
While exploring further I found a draft explaining elliptic curve
secure remote protocol (*EC-SRP*) for SIP authentication
https://tools.ietf.org/html/draft-liu-sipcore-ec-srp5-03
This explanation seems align with my requirements of not storing
password in database.
UAC and UAS both should support EC-SRP.
Do we have any road-map of opensips implementing of EC-RSP or similar
authentication mechanism?
I will check the same with PJSIP because i couldn't find any traces on
their forum as well.
--
regards,
abdul basit
On Wed, Mar 8, 2017 at 9:53 PM, Abdul Basit <[email protected]
<mailto:[email protected]>> wrote:
Hi Bogdan,
I am using PJSIP as UAC and Opensips as UAS with radius for AAA.
I wanted to avoid getting into the code but let me check the
flexibility.
Thank you for your reply :)
--
regards,
abdul basit
On Wed, Mar 8, 2017 at 1:34 AM, Bogdan-Andrei Iancu
<[email protected] <mailto:[email protected]>> wrote:
Hi Abdul,
Besides the digest auth, there is no other standard auth
mechanism for SIP, AFAIK.
If you have control over the SIP UAC, of course, you could try
to build your own auth mechanism - OpenSIPS offers enough
flexibility in terms of both header manipulation and data
computing.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
<http://www.opensips-solutions.com>
OpenSIPS Summit May 2017 Amsterdam
http://www.opensips.org/events/Summit-2017Amsterdam.html
<http://www.opensips.org/events/Summit-2017Amsterdam.html>
On 03/07/2017 10:26 AM, Abdul Basit wrote:
Hi,
I have a scenario where I will create password HASH = SALT +
STRING and save SALT and resulted HASH only in DB. I will
transport random STRING value to my custom sip application as
password.
Digest authentication is not comply with this requirement. Is
that any supported authentication mechanism that can fulfill
this requirement.
or is there any more appropriate authentication mechanism by
opensips/kamailio?
One of the objectives is in case DB will compromise, users
passwords will not available because random STRING will not
store in DB.
Looking forward for suggestions and comments.
-- regards,
abdul basit
_______________________________________________
Users mailing list
[email protected] <mailto:[email protected]>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
<http://lists.opensips.org/cgi-bin/mailman/listinfo/users>
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
