[SR-Users] [ims_auth] compute authenticate field in diameter server, not kamailio
JB
jbf.nospam at gmail.com
Fri Oct 2 13:39:48 CEST 2015
Hello all, we are working on a SIP solution using Kamailio.
We want to secure our base of user credentials even in case of attack on
the SIP server, and for that reason we plan to use diameter authentication
as described in RFC http://www.rfc-base.org/txt/rfc-4740.txt
Paragraph 6.2 describes a mode where the HSS answer with code
DIAMETER_MULTI_ROUND_AUTH ,and then validate user credential after a
second round trip.
This does NOT corresponds to what is done on Kamailio ims_auth, where
credentials (actually a hash of the credentials, but its enough to
authenticate )
) are pushed to kamailio, which does the computation of the expected
answer (which corresponds to par 6.3 of the RFC 4740)
Is there any kamailio module that would allow to use the method with
DIAMETER_MULTI_ROUND_AUTH ?
Thank you
JB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20151002/5f377499/attachment.html>
More information about the sr-users
mailing list