> > > Seems the benefit to cache credentials across multiple > dialogs is to reduce traffic (can avoid the > challenge/response messaging). Seems a drawback is that the > "copy attack" risk associated with digest authentication is > increased however. In other words, the longer cached > credentials are allowed to be used, the greater the > availaibility for an attacker to use them. >
I think this also depends on the kind of link established between the proxy and the UA. Fro example, If an IPSEC tunnel is established between the UA and the proxy, proxy can retain the credentials across the dialogs as long as the same link is being used to establish the new dialogs. Regards, Ravi. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
