[asterisk-dev] bug or feature (use From: instead of Digest username to match INVITE) ?

Kevin P. Fleming kpfleming at digium.com
Mon Oct 16 10:27:21 MST 2006


----- Luigi Rizzo <rizzo at icir.org> wrote:
>    is there anything in the INVITE message (without auth) that tells
>    us, unambiguously, who X is (to be proved by authentication, of
> course)
> 
>    Note, by unambiguously i mean that e.g. if have multiple peers
>    behing the same IP address or the same domain name i can still
>    tell one from another.

As Dinesh already replied: no, there is not.

If the service they are asking to INVITE is open to the world, then the INVITE goes through unchallenged and you don't know who is connecting to you. If the service they are asking to INVITE is protected (by domain-based authentication) then you challenge them and find out who they are.

At least, this is the 'ideal' model... it is not what Asterisk fully implements today.

-- 
Kevin P. Fleming
Senior Software Engineer
Digium, Inc.



More information about the asterisk-dev mailing list