[Devel] SIP Identity support

Klaus Darilion klaus.mailinglists at pernau.at
Fri Mar 23 08:29:48 CET 2007 


Alexander Christ wrote:
> Hello Klaus!
> 
> I know that there is the auth_identity module in ser. But I do not know much 
> more about it. I have developed my module completely independent of this one.
> 
> I build the identity header using the original received message.

Thus, if the proxy rewrites the message (e.g. nathelper rewrites the 
SDP) then the signature is wrong - correct?

klaus

> 
> I am going to port it to devel version, write a (short) English documentation 
> and upload it on the "patches" tracker within the next few days.
> 
> regards
> Alexander
> 
> Am Donnerstag, 22. März 2007 17:26 schrieb Klaus Darilion:
>> Hi Alexander!
>>
>> Great! Contributions are always welcome. Please upload the source code
>> on the "patches" tracker on sourceforge:
>> http://sourceforge.net/tracker/?group_id=139143&atid=743022
>>
>> btw: do you know about the auth_identity module in ser (which provides
>> probably the some functionality) ? advantages/disadvantages?
>>
>> Do you build the identity header using the original received message or
>> after all the message rewriting (lumps) have been applied?
>>
>> regards
>> klaus
>>
>> Alexander Christ wrote:
>>> Hello all!
>>>
>>> As part of my diploma thesis about SIP security, I have written a module
>>> which adds support for SIP Identity (RFC 4474). I would like to publish
>>> this module, if someone is interested.
>>>
>>> The module is written for version 1.1.0.
>>>
>>> There are 2 known limitations for the Verifier in this module:
>>> 1.)Certificates are not downloaded. They have to be stored locally. (see
>>> chapter 6 of RFC 4474)
>>> 2.)Call-IDs of valid requests containing an Identity header are not
>>> recorded. Hence the Verifier does not provide full replay protection.
>>> (see section 13.1 of RFC 4474)
>>>
>>> At the moment documentation is in German, but I am going to make an
>>> English translation.
>>>
>>> Regards
>>> Alexander Christ
>>>
>>> ----
>>> Alexander Christ - student at Cologne University of Applied Sciences
>>> ----
>>>
>>> _______________________________________________
>>> Devel mailing list
>>> Devel at openser.org
>>> http://openser.org/cgi-bin/mailman/listinfo/devel

More information about the Devel mailing list