hi!
in either of the signalling flow examples given in the rfc 3310 (4. Example
Digest AKA Operation), the first non-auth REGISTER does not contain an
"Authorization" header. also the rfc does not seem to enforce the usage
of an "Authorization" header right on from the first register.
now, considering that:
1. an correct AKA challenge is user dependent.
2. in order to generate the correct AKA challenge the proxy may need
information about both:
a. the aor (From/To headers of the REGISTER) and
b. the authentication username ("username" parameter of the "Authorization"
header)
the question is how should the proxy generate a correct AKA challenge when
the "Authorization" header is not present in the first (non-auth.)
REGISTER?
bye now!
cristian
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
