[OpenSER-Devel] nonce errors in trunk
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Fri Jun 6 17:44:58 CEST 2008
Juha,
I'm not saying that re-using the nonce is against RFC and that the phone
is broken - I'm saying it is a security issue (stolen credentials) and
rejecting such auth requests does not break anything.
Regards,
Bogdan
Juha Heinanen wrote:
> Bogdan-Andrei Iancu writes:
>
> > The errors you are seeing are a result of the new nonce security check
> > that was added in trunk. See:
> > http://lists.openser.org/pipermail/users/2008-June/017719.html
> >
> > Probably you have in the network some UACs that tries to reuse a nonce
> > for multiple authentications.
>
> the UA in question is cisco/linksys spa941. it does not surprise me at
> all if cisco cannot implement the rfcs their own people are writing.
>
> -- juha
>
>
More information about the Devel
mailing list