19 nov 2012 kl. 15:40 skrev Carsten Bock carsten@ng-voice.com:
Maybe we should merge the docs from 1.5, the docs are much better:
"Secret phrase used to calculate the nonce value.
The default is to use a random value generated from the random source in the core.
If you use multiple servers in your installation, and would like to authenticate on the second server against the nonce generated at the first one its necessary to explicitly set the secret to the same value on all servers. However, the use of a shared (and fixed) secret as nonce is insecure, much better is to stay with the default. Any clients should send the reply to the server that issued the request."
Done.
Having done that, I think we should rephrase that a bit. An authenticated request is not a reply...
/O
2012/11/19 Andreas Granig agranig@sipwise.com:
Thanks Olle and Carsten,
On 11/19/2012 03:27 PM, Carsten Bock wrote:
short question: Why don't you use a shared secret to create a nonce value?
http://kamailio.org/docs/modules/devel/modules/auth.html#auth.secret
I've noticed this "secret" parameter, but the documentation is a bit brief on the exact meaning of it, thus my question on the list.
If this setting is really doing what we all think it is doing, then that'll be great! :)
I'll just try it out...
Andreas
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Carsten Bock CEO (Geschäftsführer)
ng-voice GmbH Schomburgstr. 80 D-22767 Hamburg / Germany
http://www.ng-voice.com mailto:carsten@ng-voice.com
Office +49 40 34927219 Fax +49 40 34927220
Sitz der Gesellschaft: Hamburg Registergericht: Amtsgericht Hamburg, HRB 120189 Geschäftsführer: Carsten Bock Ust-ID: DE279344284
Hier finden Sie unsere handelsrechtlichen Pflichtangaben: http://www.ng-voice.com/imprint/
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users