thanks.. On Sat, Mar 28, 2009 at 12:00 AM, < sip-implementors-requ...@lists.cs.columbia.edu> wrote:
> Send Sip-implementors mailing list submissions to > sip-implementors@lists.cs.columbia.edu > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors > or, via email, send a message with subject or body 'help' to > sip-implementors-requ...@lists.cs.columbia.edu > > You can reach the person managing the list at > sip-implementors-ow...@lists.cs.columbia.edu > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Sip-implementors digest..." > > > Today's Topics: > > 1. nonce and response values in Re-REGISTER: Should it be same > as previous REGISTER event for "auth" and "auth-int" qop options? > (Vavilapalli Srikanth-A19563) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 27 Mar 2009 23:20:49 +0800 > From: "Vavilapalli Srikanth-A19563" <srikan...@motorola.com> > Subject: [Sip-implementors] nonce and response values in Re-REGISTER: > Should it be same as previous REGISTER event for "auth" and > "auth-int" > qop options? > To: <sip-implementors@lists.cs.columbia.edu> > Message-ID: > <608d7bff0d57794785cbc2c440bc4fa1051ee...@zmy16exm67.ds.mot.com> > Content-Type: text/plain; charset="US-ASCII" > > Hi > > I have a question on 3GPP 24.229 specification related to IMS AKA as a > security mechanism.. As I have not received any replies in [IMSTech] > forum, wanted to get clarified with Sip Implementors. > > > Document: 24229-851.doc > > 1)"Section 5.1.1.4.2 IMS AKA as a security mechanism: On sending a > REGISTER request, as defined in subclause 5.1.1.4.1, the UE shall > additionally populate the header fields as follows: > a) an Authorization header, with: > - the username directive set to the value of the private user > identity; > - the realm directive, set to the value as received in the realm > directive in the WWW Authenticate header; > - the uri directive, set to the SIP URI of the domain name of > the home network; > - the nonce directive, set to last received nonce value; and > - the response directive, set to the last calculated response > value;" > > The above section tells that UE shall add Authorization header in > Refresh REGISTER with same nonce and response as last > received/calculated values. Does this applicable even if 401 carries qop > options as "auth" or "auth-int"? RFC 2617 describes the usage of > nonce-count in digest calculation and nonce-count has to be incremented > every time UE uses the same nonce. In such scenario, won't the digest > response value generated for Refresh REGISTER different from last > calculated response value? > > 2)"Section 5.1.1.4.3 SIP digest without TLS as a security mechanism: On > sending a REGISTER request that does not contain a challenge response, > the UE shall additionally populate the header fields as follows: > > a) an Authorization header as defined in RFC 2617 [21], including: > - the username directive, set to the value of the private user > identity; > - the realm directive, set to the domain name of the home > network; > - the uri directive, set to the SIP URI of the domain name of > the home network; > - the nonce directive, set to an empty value; and > - the response directive, set to an empty value;" > > In the above section, > i) what does the phrase "REGISTER request that does not contain a > challenge response" mean? Does it mean that 'Refresh REGISTER' in the > above context? > Ii)Any specific reason on why the nonce and response directive to be > empty in the case of SIP digest with/without TLS? > > > Please help me to understand this mechanism.. Appreciate ur help in this > regard. > > > Regards > Srikanth > > > > ------------------------------ > > _______________________________________________ > Sip-implementors mailing list > Sip-implementors@lists.cs.columbia.edu > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors > > End of Sip-implementors Digest, Vol 72, Issue 34 > ************************************************ > -- http://www.watch-movies-online-hollywoodkiller.com _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
