praveen dandin wrote: > Hi, > Consider the below call scenario. > UAC UAS > | INVITE > |--------------------------------------------------->| > | 401 | > |<---------------------------------------------------| > | ACK | > |--------------------------------------------------->| > | INVITE with credentials | > |---------------------------------------------------->| > | 180 | > |<----------------------------------------------------| > | PRACK | > |---------------------------------------------------->| > > Now my queries are: > 1) Is it MUST to send the credentials in PRACK?
No. > [RFC 3261 section 22.3 says "If a UA receives a Proxy-Authenticate header > field value in a 401/407 response to a request with a particular > Call-ID, it should incorporate credentials for that realm in all subsequent > requests that contain the same Call- > ID." > But the RFC does not mention what if UAC is challenged with > WWW-Authenticate header] The above says "should", not MUST or even SHOULD. IMO it should be taken as wise advice - if you want to avoid having the subsequent request being challenged you should send the credentials. > 2) If credentials are not provided in PRACK then can UAS challenge PRACK? Certainly. Note that it is apparently common for credentials to *not* be required for in-dialog requests, but there is no law about this, so certainly there MAY be a challenge. > 3) If its possible to challenge the PRACK with 401, should the subsequest > PRACK with Authorization credential have the incremented CSeq as compared to > the previous PRACK? > [RFC 3261 section 22.2 says"When a UAC resubmits a request with its > credentials after receiving a 401 (Unauthorized) or 407 (Proxy > Authentication Required) response, it MUST increment the CSeq header field > value as it would normally > when sending an updated request."] A PRACK is like any other request in a dialog, so yes, it needs a new CSeq. > 4) How the PRACK transactions be maintained in this case? I don't understand the question. The prack that received the 401 was one transaction that has completed. The new prack with the credentials based on the challenge is a new transaction. Paul > Please provide your valuable inputs. > > Thanks, > Praveen Dandin > > > --------------------------------- > Connect with friends all over the world. Get Yahoo! India Messenger. > _______________________________________________ > Sip-implementors mailing list > Sip-implementors@lists.cs.columbia.edu > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors > _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors