[SR-Users] diameter auth with round trip
Daniel-Constantin Mierla
miconda at gmail.com
Tue Oct 6 08:07:10 CEST 2015
Hello,
maybe woth looking at auth_diameter, which is sort of unmaintained,
because of the lack of interest during the past years, but iirc, the
authentication was done inside diameter server, which was returned
ok/not-ok. I expect the module to need some coding, but could be not
that big changes to bring it up to date.
Cheers,
Daniel
On 03/10/15 23:53, JB wrote:
> Hello all, we are working on a SIP solution using Kamailio.
>
> We want to secure our base of user credentials even in case of attack
> on the SIP server, and for that reason we plan to use diameter
> authentication as described in RFC
> http://www.rfc-base.org/txt/rfc-4740.txt
>
> Paragraph 6.2 describes a mode where the HSS answer with code
> DIAMETER_MULTI_ROUND_AUTH ,and then validate user credential after a second round trip.
>
>
> This does NOT corresponds to what is done on Kamailio module ims_auth,
> where credentials (actually a hash of the credentials, but its enough
> to authenticate )
> ) are pushed to kamailio, which does the computation of the expected
> answer (which corresponds to par 6.3 of the RFC 4740)
> Is there any kamailio module that would allow to use the method with DIAMETER_MULTI_ROUND_AUTH ?
>
> Thank you
> JB
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Kamailio Advanced Training, Sep 28-30, 2015, in Berlin - http://asipto.com/u/kat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20151006/4d507646/attachment.html>
More information about the sr-users
mailing list