<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<tt>Hi Abdul,<br>
<br>
I see that's a draft, so hard to judge on how far it will get. And
something like this is not on our roadmap, maybe because of its
very, very low priority in terms of needs. Do you have any idea if
anyone actually implemented this ?<br>
<br>
Regards,<br>
</tt>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a>
OpenSIPS Summit May 2017 Amsterdam
<a class="moz-txt-link-freetext" href="http://www.opensips.org/events/Summit-2017Amsterdam.html">http://www.opensips.org/events/Summit-2017Amsterdam.html</a>
</pre>
<div class="moz-cite-prefix">On 03/09/2017 12:37 PM, Abdul Basit
wrote:<br>
</div>
<blockquote
cite="mid:CAGQG5MZE_aa8hhtPzoeVGKCJxSnQZUg4QaebKazywAnj_2rDTQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>Hi Geeks,<br>
<br>
</div>
While exploring further I found a draft explaining
elliptic curve secure remote protocol (<b>EC-SRP</b>) for
SIP authentication<br>
<a moz-do-not-send="true"
href="https://tools.ietf.org/html/draft-liu-sipcore-ec-srp5-03">https://tools.ietf.org/html/draft-liu-sipcore-ec-srp5-03</a><br>
<br>
</div>
This explanation seems align with my requirements of not
storing password in database.<br>
UAC and UAS both should support EC-SRP.<br>
<br>
</div>
Do we have any road-map of opensips implementing of EC-RSP or
similar authentication mechanism?<br>
</div>
<div>I will check the same with PJSIP because i couldn't find
any traces on their forum as well. <br>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div class="gmail_signature">
<div><font size="2"><span
style="font-family:verdana,sans-serif"><span
style="color:rgb(39,78,19)">--<br>
regards,</span></span></font></div>
<font size="2"><span
style="font-family:verdana,sans-serif"><span
style="color:rgb(39,78,19)"><br>
abdul basit<br>
<br>
</span></span></font></div>
</div>
<br>
<div class="gmail_quote">On Wed, Mar 8, 2017 at 9:53 PM, Abdul
Basit <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:basit.engg@gmail.com" target="_blank">basit.engg@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>
<div>Hi Bogdan,<br>
<br>
</div>
I am using PJSIP as UAC and Opensips as UAS with
radius for AAA.<br>
</div>
I wanted to avoid getting into the code but let me check
the flexibility.<br>
<br>
Thank you for your reply :)<br>
<div class="gmail_extra">
<div>
<div
class="gmail-m_7413305819554289247m_4114199847205901490gmail_signature">
<div><font size="2"><span
style="font-family:verdana,sans-serif"><span
style="color:rgb(39,78,19)"><br>
--<br>
regards,</span></span></font></div>
<font size="2"><span
style="font-family:verdana,sans-serif"><span
style="color:rgb(39,78,19)"><br>
abdul basit</span></span></font></div>
</div>
<div>
<div class="gmail-h5">
<br>
<div class="gmail_quote">On Wed, Mar 8, 2017 at
1:34 AM, Bogdan-Andrei Iancu <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:bogdan@opensips.org"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:bogdan@opensips.org">bogdan@opensips.org</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF"> <tt>Hi Abdul,<br>
<br>
Besides the digest auth, there is no other
standard auth mechanism for SIP, AFAIK.<br>
<br>
If you have control over the SIP UAC, of
course, you could try to build your own
auth mechanism - OpenSIPS offers enough
flexibility in terms of both header
manipulation and data computing.<br>
<br>
Regards,<br>
</tt>
<pre class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a moz-do-not-send="true" class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607moz-txt-link-freetext" href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.<wbr>com</a>
OpenSIPS Summit May 2017 Amsterdam
<a moz-do-not-send="true" class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607moz-txt-link-freetext" href="http://www.opensips.org/events/Summit-2017Amsterdam.html" target="_blank">http://www.opensips.org/events<wbr>/Summit-2017Amsterdam.html</a>
</pre><div><div class="gmail-m_7413305819554289247m_4114199847205901490gmail-h5">
<div class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607moz-cite-prefix">On 03/07/2017 10:26 AM, Abdul Basit
wrote:
</div>
</div></div><blockquote type="cite"><div><div class="gmail-m_7413305819554289247m_4114199847205901490gmail-h5">
<div dir="ltr">
<div>
<div>
<div>Hi,
</div>
I have a scenario where I will create password <span style="color:rgb(153,0,0)">HASH</span> = <span style="color:rgb(153,0,0)">SALT</span> + <span style="color:rgb(32,18,77)">STRING</span> and save <span style="color:rgb(153,0,0)">SALT</span> and resulted <span style="color:rgb(153,0,0)">HASH</span> only in DB.
I will transport random <span style="color:rgb(12,52,61)">STRING</span>
value to my custom sip application as password.
</div>
Digest authentication is not comply with this requirement.
Is that any supported authentication mechanism that can
fulfill this requirement.
</div>
or is there any more appropriate authentication mechanism by
opensips/kamailio?
<div>
<div>
</div>
<div>One of the objectives is in case DB will compromise,
users passwords will not available because random <span style="color:rgb(12,52,61)">STRING will not store in DB.
</span></div>
<div>
</div>
<div>Looking forward for suggestions and comments.
</div>
<div>
<div>
<div>
<div class="gmail_extra">
<div>
<div class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607gmail_signature">
<div><font size="2"><span style="font-family:verdana,sans-serif"><span style="color:rgb(39,78,19)">--
regards,</span></span></font></div>
<font size="2"><span style="font-family:verdana,sans-serif"><span style="color:rgb(39,78,19)">
abdul basit
</span></span></font></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<fieldset class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607mimeAttachmentHeader"></fieldset>
</div></div><pre>______________________________<wbr>_________________
Users mailing list
<a moz-do-not-send="true" class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a moz-do-not-send="true" class="gmail-m_7413305819554289247m_4114199847205901490gmail-m_7274627969134338607moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-<wbr>bin/mailman/listinfo/users</a>
</pre>
</blockquote>
</div>
</blockquote></div>
</div></div></div></div>
</blockquote></div>
</div></div>
</blockquote>
</body></html>