[SR-Users] Sync nonce between various servers
Olle E. Johansson
oej at edvina.net
Mon Nov 19 15:47:14 CET 2012
19 nov 2012 kl. 15:40 skrev Carsten Bock <carsten at ng-voice.com>:
> Maybe we should merge the docs from 1.5, the docs are much better:
>
> "Secret phrase used to calculate the nonce value.
>
> The default is to use a random value generated from the random source
> in the core.
>
> If you use multiple servers in your installation, and would like to
> authenticate on the second server against the nonce generated at the
> first one its necessary to explicitly set the secret to the same value
> on all servers. However, the use of a shared (and fixed) secret as
> nonce is insecure, much better is to stay with the default. Any
> clients should send the reply to the server that issued the request."
>
Done.
Having done that, I think we should rephrase that a bit. An
authenticated request is not a reply...
/O
> 2012/11/19 Andreas Granig <agranig at sipwise.com>:
>> Thanks Olle and Carsten,
>>
>> On 11/19/2012 03:27 PM, Carsten Bock wrote:
>>> short question:
>>> Why don't you use a shared secret to create a nonce value?
>>>
>>> http://kamailio.org/docs/modules/devel/modules/auth.html#auth.secret
>>
>> I've noticed this "secret" parameter, but the documentation is a bit
>> brief on the exact meaning of it, thus my question on the list.
>>
>> If this setting is really doing what we all think it is doing, then
>> that'll be great! :)
>>
>> I'll just try it out...
>>
>> Andreas
>>
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
>
>
>
> --
> Carsten Bock
> CEO (Geschäftsführer)
>
> ng-voice GmbH
> Schomburgstr. 80
> D-22767 Hamburg / Germany
>
> http://www.ng-voice.com
> mailto:carsten at ng-voice.com
>
> Office +49 40 34927219
> Fax +49 40 34927220
>
> Sitz der Gesellschaft: Hamburg
> Registergericht: Amtsgericht Hamburg, HRB 120189
> Geschäftsführer: Carsten Bock
> Ust-ID: DE279344284
>
> Hier finden Sie unsere handelsrechtlichen Pflichtangaben:
> http://www.ng-voice.com/imprint/
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list