Hi, I am looking at XECS-1809 Remove P-Asserted Identity authentication for NOTIFYs. I talked with Scott today morning regarding this, and he suggested we change the way how sipXproxy determines if a REQUEST needs PAI authentication.
- Currently, REFER, BYE, OPTIONS, SUBSCRIBE, NOTIFY, and out-of-dialog INVITEs are challenged by sipXproxy - Change this, so that all out-of-dialog REQUESTs are challenged, and in-dialog REQUESTs go through unchallenged - With an exception for REGISTER, as sipXregistrar is in a better position to authenticate them. So, no REGISTERs are challenged. - And an exception for OPTIONS, as they are great for debugging, so, we will not require any authentication from them either. - We use the presence of To-tags to test whether a request is in dialog or not Any comments on this? Also, we couldn't come to a definite conclusion for REFERs. Should we authenticate in-dialog REFERs? How about out-of dialog REFERs? Thanks, Arjun Reference - XECS-1809: http://track.sipfoundry.org/browse/XECS-1809 REFER RFC: http://www.ietf.org/rfc/rfc3515.txt PAI RFC: http://www.ietf.org/rfc/rfc3325.txt _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev
