As Paul said, you don't have to include credentials in PRACK, and a PRACK can be challenged - but it is incredibly rare to challenge them. And frankly there's very little point/benefit in challenging a PRACK. Also, if you challenge a PRACK, you may run into interop issues with some vendors.
-hadriel > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:sip- > [EMAIL PROTECTED] On Behalf Of praveen dandin > Sent: Thursday, April 24, 2008 10:43 AM > To: Sip-implementors@lists.cs.columbia.edu > Subject: [Sip-implementors] Can PRACK be challenged?? > > Hi, > Consider the below call scenario. > UAC UAS > | INVITE > |--------------------------------------------------->| > | 401 | > |<---------------------------------------------------| > | ACK | > |--------------------------------------------------->| > | INVITE with credentials | > |---------------------------------------------------->| > | 180 | > |<----------------------------------------------------| > | PRACK | > |---------------------------------------------------->| > > Now my queries are: > 1) Is it MUST to send the credentials in PRACK? > [RFC 3261 section 22.3 says "If a UA receives a Proxy-Authenticate > header field value in a 401/407 response to a request with a particular > Call-ID, it should incorporate credentials for that realm in all > subsequent requests that contain the same Call- > ID." > But the RFC does not mention what if UAC is challenged with WWW- > Authenticate header] > > 2) If credentials are not provided in PRACK then can UAS challenge > PRACK? > > 3) If its possible to challenge the PRACK with 401, should the > subsequest PRACK with Authorization credential have the incremented CSeq > as compared to the previous PRACK? > [RFC 3261 section 22.2 says"When a UAC resubmits a request with its > credentials after receiving a 401 (Unauthorized) or 407 (Proxy > Authentication Required) response, it MUST increment the CSeq header field > value as it would normally > when sending an updated request."] > > 4) How the PRACK transactions be maintained in this case? > > Please provide your valuable inputs. > > Thanks, > Praveen Dandin > > > --------------------------------- > Connect with friends all over the world. Get Yahoo! India Messenger. > _______________________________________________ > Sip-implementors mailing list > Sip-implementors@lists.cs.columbia.edu > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
