19 nov 2012 kl. 15:40 skrev Carsten Bock <carsten(a)ng-voice.com>om>:
Maybe we should merge the docs from 1.5, the docs are
much better:
"Secret phrase used to calculate the nonce value.
The default is to use a random value generated from the random source
in the core.
If you use multiple servers in your installation, and would like to
authenticate on the second server against the nonce generated at the
first one its necessary to explicitly set the secret to the same value
on all servers. However, the use of a shared (and fixed) secret as
nonce is insecure, much better is to stay with the default. Any
clients should send the reply to the server that issued the request."
Done.
Having done that, I think we should rephrase that a bit. An
authenticated request is not a reply...
/O
2012/11/19 Andreas Granig
<agranig(a)sipwise.com>om>:
Thanks Olle and Carsten,
On 11/19/2012 03:27 PM, Carsten Bock wrote:
short question:
Why don't you use a shared secret to create a nonce value?
http://kamailio.org/docs/modules/devel/modules/auth.html#auth.secret
I've noticed this "secret" parameter, but the documentation is a bit
brief on the exact meaning of it, thus my question on the list.
If this setting is really doing what we all think it is doing, then
that'll be great! :)
I'll just try it out...
Andreas
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Carsten Bock
CEO (Geschäftsführer)
ng-voice GmbH
Schomburgstr. 80
D-22767 Hamburg / Germany
http://www.ng-voice.com
mailto:carsten@ng-voice.com
Office +49 40 34927219
Fax +49 40 34927220
Sitz der Gesellschaft: Hamburg
Registergericht: Amtsgericht Hamburg, HRB 120189
Geschäftsführer: Carsten Bock
Ust-ID: DE279344284
Hier finden Sie unsere handelsrechtlichen Pflichtangaben:
http://www.ng-voice.com/imprint/
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users