'Re: [Sip-implementors] Sip-implementors Digest, Vol 72, Issue 34'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sip-implementors
Subject:    Re: [Sip-implementors] Sip-implementors Digest, Vol 72, Issue 34
From:       Hollywoodkiller Movies <hollywoodkillermovies () gmail ! com>
Date:       2009-03-27 17:20:16
Message-ID: 43e4d8fe0903271020v2ff620d3tdc32b6a3403b05f2 () mail ! gmail ! com
[Download RAW message or body]

thanks..

On Sat, Mar 28, 2009 at 12:00 AM, <
sip-implementors-request@lists.cs.columbia.edu> wrote:

> Send Sip-implementors mailing list submissions to
>        sip-implementors@lists.cs.columbia.edu
>
> To subscribe or unsubscribe via the World Wide Web, visit
>        https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
> or, via email, send a message with subject or body 'help' to
>        sip-implementors-request@lists.cs.columbia.edu
>
> You can reach the person managing the list at
>        sip-implementors-owner@lists.cs.columbia.edu
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Sip-implementors digest..."
>
>
> Today's Topics:
>
>   1. nonce and response values in Re-REGISTER: Should  it be same
>      as previous REGISTER event for "auth" and "auth-int" qop options?
>      (Vavilapalli Srikanth-A19563)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 27 Mar 2009 23:20:49 +0800
> From: "Vavilapalli Srikanth-A19563" <srikanthv@motorola.com>
> Subject: [Sip-implementors] nonce and response values in Re-REGISTER:
>        Should  it be same as previous REGISTER event for "auth" and
>  "auth-int"
>        qop options?
> To: <sip-implementors@lists.cs.columbia.edu>
> Message-ID:
>        <608D7BFF0D57794785CBC2C440BC4FA1051EE5FB@ZMY16EXM67.ds.mot.com>
> Content-Type: text/plain;       charset="US-ASCII"
>
> Hi
>
> I have a question on 3GPP 24.229 specification related to IMS AKA as a
> security mechanism.. As I have not received any replies in [IMSTech]
> forum, wanted to get clarified with Sip Implementors.
>
>
> Document: 24229-851.doc
>
> 1)"Section 5.1.1.4.2 IMS AKA as a security mechanism: On sending a
> REGISTER request, as defined in subclause 5.1.1.4.1, the UE shall
> additionally populate the header fields as follows:
> a) an Authorization header, with:
>        - the username directive set to the value of the private user
> identity;
>        - the realm directive, set to the value as received in the realm
> directive in the WWW Authenticate header;
>        - the uri directive, set to the SIP URI of the domain name of
> the home network;
>        - the nonce directive, set to last received nonce value; and
>        - the response directive, set to the last calculated response
> value;"
>
> The above section tells that UE shall add Authorization header in
> Refresh REGISTER with same nonce and response as last
> received/calculated values. Does this applicable even if 401 carries qop
> options as "auth" or "auth-int"? RFC 2617 describes the usage of
> nonce-count in digest calculation and nonce-count has to be incremented
> every time UE uses the same nonce. In such scenario, won't the digest
> response value generated for Refresh REGISTER different from last
> calculated response value?
>
> 2)"Section 5.1.1.4.3 SIP digest without TLS as a security mechanism: On
> sending a REGISTER request that does not contain a challenge response,
> the UE shall additionally populate the header fields as follows:
>
> a) an Authorization header as defined in RFC 2617 [21], including:
>        - the username directive, set to the value of the private user
> identity;
>        - the realm directive, set to the domain name of the home
> network;
>        - the uri directive, set to the SIP URI of the domain name of
> the home network;
>        - the nonce directive, set to an empty value; and
>        - the response directive, set to an empty value;"
>
> In the above section,
> i) what does the phrase "REGISTER request that does not contain a
> challenge response" mean? Does it mean that 'Refresh REGISTER' in the
> above context?
> Ii)Any specific reason on why the nonce and response directive to be
> empty in the case of SIP digest with/without TLS?
>
>
> Please help me to understand this mechanism.. Appreciate ur help in this
> regard.
>
>
> Regards
> Srikanth
>
>
>
> ------------------------------
>
> _______________________________________________
> Sip-implementors mailing list
> Sip-implementors@lists.cs.columbia.edu
> https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
>
> End of Sip-implementors Digest, Vol 72, Issue 34
> ************************************************
>



-- 
http://www.watch-movies-online-hollywoodkiller.com

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic