>> >> So far most of authorization between Kamailio and Asterisk relies on IP >> addresses, but those need to be provisioned one by one in both sides. The >> new module is practically adding a custom header with a hash over parts of >> the message or other environment attributes (eg., IP address) and a shared >> secret. The www-digest with username and password has the overhead of an >> extra round of signaling messages, but also the constraint on CSeq increment >> after the challenge. Also, the MD5 is rather week hashing these days. >>
Why can't this be done in the dialplan?. This is exactly why I implemented the MD5 dialplan stuff in Asterisk years ago. We need something else than MD5 today, but still - both Asterisk and Kamailio can handle it without modules or extra coding... The IETF is working on OAUTH authentication for SIP - which is the solution we really want to look into - not copy weak auth from the API world... :-) /O -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
