[asterisk-dev] SIP authentication with SHA
Olle E Johansson
oej at edvina.net
Sat Feb 11 03:38:06 MST 2006
Michael Prochaska wrote:
> Olle E. Johansson schrieb:
>
>> ...write an RFC :-)
>>
>
> i don't think that this is necessary :-)
>
>> The MD5 is in the SIP RFC, and I've never seen anyone using SHA.
>
>
> no, md5 is NOT in the SIP RFC. HTTP digest authentication is not
> automatically md5
You are right, the syntax in RFC3261 says MD5, MD5-sess or "token". All
the examples use MD5 and I've seen no other implementation. The RFC is
indeed a good example of a document that needs reading, re-reading and
total re-re-reading many times... :-)
>
> and in the HTTP digest RFC there is md5 as example but SHA could also be
> used.
Right.
>
> i think if asterisk would support HTTP digest with SHA it would be easy
> to extend the UA's to support it too.
Well, produce a patch and we'll look at it. It makes me proud that you
think that the Asterisk SIP channel will be trend-setting :-)
/Olle
More information about the asterisk-dev
mailing list