[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Request header integrity in HTTP Digest

To: aki.niemi@nokia.com
Subject: Re: [Sip] Request header integrity in HTTP Digest
From: James Undery <jundery@ubiquity.net>
Date: Tue, 26 Jun 2001 11:01:00 -0400
Cc: jdrosen@dynamicsoft.com, sip@ietf.org
List-Id: Session Initiation Protocol <sip.ietf.org>
Sender: sip-admin@ietf.org



aki.niemi@nokia.com wrote:

> Hi,
>
> May have missed some points in this thread. But let's not totally trash
this
> idea, creative usage of nonce values does indeed increase security. I
think
> this is stated in 2617, and this draft is exactly that, a creative usage
of
> nonce values.

Unfortunately, the source-IP part is also suspect if the hop before the
server
is a farm of stateless proxies, but don't get me started on stateless
proxies
;-)

James Undery


_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

Prev by Date: RE: [Sip] Request header integrity in HTTP Digest
Next by Date: RE: [SIP] Authentication and billing through proxy/re-direct server
Previous by thread: RE: [Sip] Request header integrity in HTTP Digest
Next by thread: RE: [Sip] Request header integrity in HTTP Digest
Index(es):
- Date
- Thread