[Kamailio-Users] Kamalio Support for RFC 3323 " Privacy"

Iñaki Baz Castillo ibc at aliax.net
Fri Dec 12 10:49:08 CET 2008


2008/12/12 Klaus Darilion <klaus.mailinglists at pernau.at>:

>> Not in case the user wants hidden callerid. In this case the user
>> indicates his identity in PPI and set From to anoymous value, and includes
>> Privacy: id.
>> The proxy then can know who the sender is and can require credentials, and
>> after it removes PPI when sending the request to an untrusted node (or
>> removes PPI and replaces with PAI when sending the request to a trusted
>> node).
>> But PPI is needed in this case even if the user has only one identity.
>
> Probably I am being a little academic (or just too tired) but the username
> in the Authentication header would be enough information for the proxy to
> add the proper PAI.

Well, as you already said the username in the Authentication is not
enough when handling multidomain. Most probably, the proxy needs to
set a realm in the 401/407 and in case of a multidomain environment it
depends on the From domain.
If From is "anoymous" then PPI header could be inspected to extract
the user domain and generates the nonce with the proper realm.



-- 
Iñaki Baz Castillo
<ibc at aliax.net>


More information about the Users mailing list