Hi there,
In a REGISTER case there is a HeaderField AUTHORIZATION. The usual encryption algorithm is "MD5".
Is it possible to REGISTER without any encryption?
Please give a statement if I understood everything right or correct me:
Digest Username => not encrypted; realm =>not encrypted; URI =>not encrypted;
Nonce => encrypted => is Password? Response => encrypted => what´s that?
Thanks!
P.S.: I sniffered the network traffic when I registerd,established a VoIP-Connection and ended my call. Etherreal, the snifferprogramm, does understand SIP and SDP so I could easy protocol and understand what was going on.
Hello, comments inline.
On 03-01 10:17, Karsten Knüttel wrote:
Hi there,
In a REGISTER case there is a HeaderField AUTHORIZATION. The usual encryption algorithm is "MD5".
MD5 is used for hash computation, not for encryption.
Is it possible to REGISTER without any encryption?
There is no encryption used, the Authorization header field is used for authorization only, not for encryption.
Please give a statement if I understood everything right or correct me:
Digest Username => not encrypted; realm =>not encrypted; URI =>not encrypted;
Nonce => encrypted => is Password? Response => encrypted => what´s that?
Nonce is a string generated by the server, client uses the string to compute response.
Response is a string computed by the client, among other things, it is a hash of username, password and so on. The server then recalculates the response and if it is same, the user is authenticated.
regards, Jan.
-
Jan Janak -
Karsten Knüttel