[Devel] SIP Identity support
Klaus Darilion
klaus.mailinglists at pernau.at
Thu Mar 22 17:26:56 CET 2007
Hi Alexander!
Great! Contributions are always welcome. Please upload the source code
on the "patches" tracker on sourceforge:
http://sourceforge.net/tracker/?group_id=139143&atid=743022
btw: do you know about the auth_identity module in ser (which provides
probably the some functionality) ? advantages/disadvantages?
Do you build the identity header using the original received message or
after all the message rewriting (lumps) have been applied?
regards
klaus
Alexander Christ wrote:
> Hello all!
>
> As part of my diploma thesis about SIP security, I have written a module which
> adds support for SIP Identity (RFC 4474). I would like to publish this
> module, if someone is interested.
>
> The module is written for version 1.1.0.
>
> There are 2 known limitations for the Verifier in this module:
> 1.)Certificates are not downloaded. They have to be stored locally. (see
> chapter 6 of RFC 4474)
> 2.)Call-IDs of valid requests containing an Identity header are not recorded.
> Hence the Verifier does not provide full replay protection. (see section 13.1
> of RFC 4474)
>
> At the moment documentation is in German, but I am going to make an English
> translation.
>
> Regards
> Alexander Christ
>
> ----
> Alexander Christ - student at Cologne University of Applied Sciences
> ----
>
> _______________________________________________
> Devel mailing list
> Devel at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/devel
More information about the Devel
mailing list