[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sip] Question regarding draft-dotson-sip-mutual-auth-03

To: "sip at ietf.org" <sip at ietf.org>
Subject: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
From: "Nils Ohlmeier" <lists at ohlmeier.org>
Date: Thu, 12 Mar 2009 19:50:02 +0100 (CET)
Cc: s.hoggan at cablelabs.com, steve.dotson at cox.com
Delivered-to: sip at core3.amsl.com
Importance: Normal
List-archive: <http://www.ietf.org/mail-archive/web/sip>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
User-agent: SquirrelMail/1.4.15

Hello,

after reading the mutual auth draft:

http://tools.ietf.org/id/draft-dotson-sip-mutual-auth-03.txt

I have an open question:
what should the client do if the server send authentication informations
in a Proxy-Authentication-Info header back in a let say 200 response, but
when the client computes response it comes to a different result (e.g.
because man in the middle changed something in the messages)?

In chapter 5 of your draft you are simply referring to RFC3261 for more
details regarding the implementation of the UAC. But I failed to find any
information about the UAC handling of this header in 3261. Even RFC2617
gives no hints, at least I did not found any, what a client should do when
the server authentication fails.
So it is probably not your fault, but still an interesting question I
think. Especially because the client has already send its credentials when
the check of the server authentication fails.

Best regards
  Nils Ohlmeier

Follow-Ups:
- Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
  - From: Sumanth Channabasappa

Prev by Date: Re: [Sip] draft-state-sip-relay-attack-00
Next by Date: Re: [Sip] Terminology (was RE: Fwd:I-DACTION:draft-rosenberg-sip-target-uri-delivery-01.txt
Previous by thread: [Sip] Fwd: Internet Society Panel on IPv6 Deployment during IETF 74
Next by thread: Re: [Sip] Question regarding draft-dotson-sip-mutual-auth-03
Index(es):
- Date
- Thread