From: Mushtaq Ilyas <[EMAIL PROTECTED]> RFC 3261 states that SIP Servers must not accept or request Basic authentication. If a server were to receive a request with an authorization header using Basic authentication what would be an appropriate response?
It could send 400 Bad Request. But more likely, it would ignore any credentials that presented Basic authentication, in line with the general philosophy that authentication credentials that one does not understand one ignores. (There can be more than one set of credentials attached to a request.) After that, if the request did not have sufficient authentication, the server would send 401/407. Dale _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
