praveen dandin wrote:
> Hi,
> Consider the below call scenario.
> UAC UAS
> | INVITE
> |--------------------------------------------------->|
> | 401 |
> |<---------------------------------------------------|
> | ACK |
> |--------------------------------------------------->|
> | INVITE with credentials |
> |---------------------------------------------------->|
> | 180 |
> |<----------------------------------------------------|
> | PRACK |
> |---------------------------------------------------->|
>
> Now my queries are:
> 1) Is it MUST to send the credentials in PRACK?
No.
> [RFC 3261 section 22.3 says "If a UA receives a Proxy-Authenticate header
> field value in a 401/407 response to a request with a particular
> Call-ID, it should incorporate credentials for that realm in all subsequent
> requests that contain the same Call-
> ID."
> But the RFC does not mention what if UAC is challenged with
> WWW-Authenticate header]
The above says "should", not MUST or even SHOULD.
IMO it should be taken as wise advice - if you want to avoid having the
subsequent request being challenged you should send the credentials.
> 2) If credentials are not provided in PRACK then can UAS challenge PRACK?
Certainly.
Note that it is apparently common for credentials to *not* be required
for in-dialog requests, but there is no law about this, so certainly
there MAY be a challenge.
> 3) If its possible to challenge the PRACK with 401, should the subsequest
> PRACK with Authorization credential have the incremented CSeq as compared to
> the previous PRACK?
> [RFC 3261 section 22.2 says"When a UAC resubmits a request with its
> credentials after receiving a 401 (Unauthorized) or 407 (Proxy
> Authentication Required) response, it MUST increment the CSeq header field
> value as it would normally
> when sending an updated request."]
A PRACK is like any other request in a dialog, so yes, it needs a new CSeq.
> 4) How the PRACK transactions be maintained in this case?
I don't understand the question. The prack that received the 401 was one
transaction that has completed. The new prack with the credentials based
on the challenge is a new transaction.
Paul
> Please provide your valuable inputs.
>
> Thanks,
> Praveen Dandin
>
>
> ---------------------------------
> Connect with friends all over the world. Get Yahoo! India Messenger.
> _______________________________________________
> Sip-implementors mailing list
> Sip-implementors@lists.cs.columbia.edu
> https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
>
_______________________________________________
Sip-implementors mailing list
Sip-implementors@lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
