[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sip] Request header integrity in HTTP Digest

To: "'Jonathan Rosenberg'" <jdrosen@dynamicsoft.com>, "'sip@ietf.org'" <sip@ietf.org>
Subject: RE: [Sip] Request header integrity in HTTP Digest
From: Corey Gates <corey@hearme.com>
Date: Mon, 18 Jun 2001 09:11:30 -0700
List-Id: Session Initiation Protocol <sip.ietf.org>
Sender: sip-admin@ietf.org

Jonathan,

I believe you left out the "private-key" in the nonce computation in
draft-rosenberg-sip-http-pnonce-00.txt.  The nonce should be:

nonce = H(source-IP:<canonicalization of headers to be
protected>:round-time:private-key)

Without this the nonce could be generated.

Corey Gates


_______________________________________________
Sip mailing list
Sip@ietf.org
http://www.ietf.org/mailman/listinfo/sip

Prev by Date: Re: [Sip] new open issue in session timer: NEEDS resolution now!
Next by Date: RE: [SIP] Killing hung media streams
Previous by thread: Re: [Sip] Request header integrity in HTTP Digest
Next by thread: Re: [Sip] Request header integrity in HTTP Digest
Index(es):
- Date
- Thread