[OpenSER-Users] Digest Authentication and nonce count
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Nov 12 14:45:13 CET 2007
Daniel-Constantin Mierla schrieb:
> Hello,
>
> On 11/12/07 13:49, Klaus Darilion wrote:
>> Hi!
>>
>> the ..._challenge() functions support adding the qop=auth to the
>> challenge.
>>
>> This will cause the SIP client to use the nonce count in the digest
>> response. Is this nonce count actually used in openser?
> it is used :-), but maybe not strictly as standards says. You are right,
Thus, currently there is no security benefit of using qop=auth - correct?
regards
klaus
> should be some stateful handling, right now it just accepts it and uses
> to compute the digest response.
>
> Cheers,
> Daniel
>
>> I guess this would require stateful handling of nonce and nonce-count.
>>
>> regards
>> klaus
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.openser.org
>> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>>
>>
More information about the Users
mailing list