[asterisk-users] Polycom sip.cfg / voIpProt.SIP.requestValidation.x.request.y.event

[Lee Jenkins]

Lee Jenkins wrote:
> 
> Hi all,
> 
> My company has pretty much standardized on Polycom phones and I am in 
> the beginning phase of writing a GUI for administering/managing polycom 
> provisioning at multiple sites which we intend to release as OS.  I've 
> started studying the docs and I'm having trouble understanding the 
> following xml attribute:
> 
> voIpProt.SIP.requestValidation.x.request.y.event
> 
> I understand what it does (at least conceptually) but ss the "x" 
> variable still referring to a server (1 or 2)?  And the "y" var, what is 
> it referring to?  An event?  Which one?
> 
> "Determines which events specified with the Event header should be 
> validated; only applicable when voIp- 
> Prot.SIP.requestValidation.x.request is set to
> “SUBSCRIBE” or
> “NOTIFY”.
> If set to Null, all events will
> be validated."
> 
> Please excuse me if it's an obvious question.
> 

Just as a breadcrumb,  here is what Polycom support says of the this 
portion of the XML config:

"The voIpProt.SIP.requestValidation parameter is used for validation. 
The validation is used for security purposes.  To set it up properly, 
you have the following parameters involved which compose the overall 
"validation" feature.
The parameters involved are:

voIpProt.SIP.requestValidation.x.request
voIpProt.SIP.requestValidation.x.method
voIpProt.SIP.requestValidation.x.request.y.event
voIpProt.SIP.requestValidation.digest.realm

Explanation:

voIpProt.SIP.requestValidation.x.request
With this parameter, you can specify which methods you want the phone to 
validate.  The list of methods allowed as values are listed in the Admin 
Guide.  Ex: if you wanted to use validation against all INVITES, this 
parameter would look like this voIpProt.SIP.requestValidation.INVITE.request

voIpProt.SIP.requestValidation.x.method
This parameter defines the method of validation to be used.  The list of 
methods allowed as values are listed in the Admin Guide.  The three 
methods are source, digest or both.  If you wanted to use source as the 
method, the parameter would like this 
voIpProt.SIP.requestValidation.source.method.  This means that when the 
phone is using voIpProt.SIP.requestValidation.INVITE.request it will 
apply voIpProt.SIP.requestValidation.source.method and validate that the 
INVITE is coming from the IP address specified on its line registration.

voIpProt.SIP.requestValidation.x.request.y.event
This parameter is only used when you specify 
voIpProt.SIP.requestValidation.x.request to be 
voIpProt.SIP.requestValidation.SUBSCRIBE.request or 
voIpProt.SIP.requestValidation.NOTIFY.request.  This parameter will also 
do validation based on the method used on 
voIpProt.SIP.requestValidation.x.method against the EVENTS within a 
“SUBSCRIBE” or “NOTIFY”.  Since the RFC for SIP may have different 
events, the list is not provided in the admin guide.  For an updated 
list of EVENTS please check the RFC.  A less updated list of EVENTS used 
within a NOTIFY is as follows:

conference
dialog
message-summary
presence
refer
reg
winfo

voIpProt.SIP.requestValidation.digest.realm
In this parameter you can specify a string which you have also specified 
on your server.  The value can be any valid string.  Once the phone 
advertises the string, the server will match it against is list of 
allowed users challenging the phone for an user name and password using 
authentication digest.  Generally, this string contains the name of the 
host performing the authentication."


-- 

Warm Regards,

Lee