[asterisk-dev] [Fwd: Re: [svn-commits] kpfleming: branch 1.4 r81442 - /branches/1.4/channels/chan_sip.c]
Kevin P. Fleming
kpfleming at digium.com
Thu Sep 6 16:50:47 CDT 2007
Olle and I have been having a conversation regarding this commit, and
I'd like to solicit comments from the community on whether they feel we
should add back in the 'send 401 forever and ever and ever' behavior
with a configuration option (defaulting to off), and if so, what should
the name of that option be?
> Olle E Johansson wrote:
The RFC says
"21.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it.
Authorization will not help, and the request SHOULD NOT be repeated."
In this case, proper authorization will help. If we send 403, we're
telling the phone to stop trying sending INVITE to us regardless of
authorization, time of day, phase of the moon and amount of youtube
traffic in your network. That's not really what you want.
In another part of the RFC, it actually states another use for an
INVITE scenario. If the callee refuses to answer, like pressing the red
button on your cell phone, the RFC recommends sending 403. I believe
that's a big contradicting, but - hey - we're talking about the SIP rfc
:-) (or they might hint that this is a good way of adding a caller, ex-
girlfriend, to a blacklist)...
But I agree, with a configuration option, we can send 403 to stop
unneeded traffic. The phone needs a reconfiguration, so we might as well
tell it to go away until it has sorted out it's life and approach us
with a new, propably rebooted, attitude.
Cheers,
/O
--
Kevin P. Fleming
Director of Software Technologies
Digium, Inc. - "The Genuine Asterisk Experience" (TM)
More information about the asterisk-dev
mailing list