Hello,
On 11/12/07 13:49, Klaus Darilion wrote:
Hi!
the ..._challenge() functions support adding the qop=auth to the
challenge.
This will cause the SIP client to use the nonce count in the digest
response. Is this nonce count actually used in openser?
it is used :-), but maybe
not strictly as standards says. You are right,
Thus, currently there is no security benefit of using qop=auth - correct?
regards
klaus
should be some stateful handling, right now it just
accepts it and uses
to compute the digest response.
Cheers,
Daniel
> I guess this would require stateful handling of nonce and nonce-count.
>
> regards
> klaus
>
> _______________________________________________
> Users mailing list
> Users(a)lists.openser.org
>
http://lists.openser.org/cgi-bin/mailman/listinfo/users
>
>