[Kamailio-Users] Kamalio Support for RFC 3323 " Privacy"

Klaus Darilion klaus.mailinglists at pernau.at
Fri Dec 12 01:55:41 CET 2008


Iñaki Baz Castillo wrote:
> El Viernes, 12 de Diciembre de 2008, Klaus Darilion escribió:
>>> The user sends the request with:
>>>   From: Anonymous <sip:anonymous at XXXXXx>
>>>   P-Preferred-Identity: <sip:alice at domain.com>
>>>   Privacy: id
>> If the user has only one identity, then the PPI header is not necessary
>> as the user's identity will be know by the proxy, 
> 
> Not in case the user wants hidden callerid. In this case the user indicates 
> his identity in PPI and set From to anoymous value, and includes Privacy: id.
> The proxy then can know who the sender is and can require credentials, and 
> after it removes PPI when sending the request to an untrusted node (or 
> removes PPI and replaces with PAI when sending the request to a trusted 
> node).
> But PPI is needed in this case even if the user has only one identity.

Probably I am being a little academic (or just too tired) but the 
username in the Authentication header would be enough information for 
the proxy to add the proper PAI.

regards
klaus

> 
> 
>> and the user for 
>> example bill be identified by its authentication username.
> 
> The proxy can inspect the From header and PPI header to look for a local 
> domain, and just in that case asks for auth (it makes no sense that a proxy 
> requires credentials to an external user).
> 
> 
>> But this 
>> again may cause problem with multidomain configurations and the auth
>> user does not include domain.
> 
> That's the point :)
> 
> 
>> Thus, maybe adding the PPI header always is a good idea.
> 
> Unfortunatelly I just know two implementations using PPI when asking for 
> privacy: Twinkle and Sofia stack.
> 
> Regards.
> 
> 





More information about the Users mailing list