[asterisk-dev] chan_sip SIP Authentication

[Klaus Darilion]

Johansson Olle E schrieb:
>>> This implements a way to
>>> - register with SIp services
>>> - get the call back
>>> - match the proper peer, even if you have five accounts, we will  
>>> match
>>> the proper peer
>>> - send the call to the called number (to: header), not using a  
>>> pseudo-
>>> exten that overrides.
>> ahh. It took us many yours to tell vendors that To-based routing is  
>> wrong.
> Oh yes, it is. In theory you should never do that, but...
> 
> But if you register for a service, the request URI is whatever
> you register with and can't really be used for any routing decisions  
> in a b2bua.
> For a simple phone, it doesnt matter. Registration for a trunk service  
> doesn't really work,
> which might be a design flaw in SIP.
> 
> How on earth do you get the requested number without checking To: or  
> RPID?


Found in SipConnect 1.1 draft 3:

10.1	Incoming Calls from the Service Provider to the Enterprise
...
10.1.1	Request-URI header

The SP-SSE MUST populate the Request-URI of the INVITE with the 
Enterprise Public Identity of the called Enterprise user.   The SP-SSE 
MUST ensure that the form of the Request URI adheres to one of the valid 
Enterprise Public Identity forms, as defined in section 9.

On receiving an INVITE where the Request URI contains a valid Enterprise 
Public Identity as defined in section 9, the SIP-PBX MUST identify the 
called user based on the contents of the Request-URI.


10.1.2	To header

The ‘To:’ field of a SIP request generated by the Service Provider 
Network is normally populated in the same format, and with the same URI, 
as  the Request-URI, as specified in sections 10.1.1 above. However, 
there may be cases, such as a prior redirection, where the ‘To:’ field 
does not contain the desired destination. As such, the SIP-PBX MUST NOT 
rely on the contents of ‘To:’ field for routing decisions, but MUST use 
the Request-URI instead.