[Kamailio-Users] Kamalio Support for RFC 3323 " Privacy"
Klaus Darilion
klaus.mailinglists at pernau.at
Fri Dec 12 01:55:41 CET 2008
Iñaki Baz Castillo wrote:
> El Viernes, 12 de Diciembre de 2008, Klaus Darilion escribió:
>>> The user sends the request with:
>>> From: Anonymous <sip:anonymous at XXXXXx>
>>> P-Preferred-Identity: <sip:alice at domain.com>
>>> Privacy: id
>> If the user has only one identity, then the PPI header is not necessary
>> as the user's identity will be know by the proxy,
>
> Not in case the user wants hidden callerid. In this case the user indicates
> his identity in PPI and set From to anoymous value, and includes Privacy: id.
> The proxy then can know who the sender is and can require credentials, and
> after it removes PPI when sending the request to an untrusted node (or
> removes PPI and replaces with PAI when sending the request to a trusted
> node).
> But PPI is needed in this case even if the user has only one identity.
Probably I am being a little academic (or just too tired) but the
username in the Authentication header would be enough information for
the proxy to add the proper PAI.
regards
klaus
>
>
>> and the user for
>> example bill be identified by its authentication username.
>
> The proxy can inspect the From header and PPI header to look for a local
> domain, and just in that case asks for auth (it makes no sense that a proxy
> requires credentials to an external user).
>
>
>> But this
>> again may cause problem with multidomain configurations and the auth
>> user does not include domain.
>
> That's the point :)
>
>
>> Thus, maybe adding the PPI header always is a good idea.
>
> Unfortunatelly I just know two implementations using PPI when asking for
> privacy: Twinkle and Sofia stack.
>
> Regards.
>
>
More information about the sr-users
mailing list