[asterisk-users] Initial REGISTER Request: Contains Credentials before 401: KDDI Japan

Brian LaVallee b.lavallee at globaltank.jp
Wed May 15 19:36:12 CDT 2013 

Hi Matthew,

Thanks for the response.

> From: "Matthew J. Roth" <mroth at imminc.com>
> Reply-To: Asterisk Users Mailing List - Non-Commercial Discussion
> <asterisk-users at lists.digium.com>
> Date: Wed, 15 May 2013 12:28:11 -0500 (CDT)
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> <asterisk-users at lists.digium.com>
> Subject: Re: [asterisk-users] Initial REGISTER Request: Contains Credentials
> before 401
> 
> Brian LaVallee wrote:
>> 
>> My SIP provider is not happy that credentials (in the Authorization header
>> field) are provided in the initial REGISTER request.
>> 
>> The SIP provider ONLY wants the credentials AFTER rejecting the message with
>> a 401.
>> 
>> I know it's dumb, because the RFC says that the the initial REGISTER message
>> MAY include credentials.  If it fails, the proper authentication method is
>> included in the 401.  I know there is nothing wrong, it is how SIP is
>> supposed to work.
> 
> Who is your SIP provider?  They need to be called out so that other Asterisk
> users can avoid them.  This tendency to flip the customer/vendor relationship
> on
> its head must be discouraged.

The SIP provider is KDDI Japan.

>> However I would like to keep my SIP provider from complaining.
> 
> The only thing they should complain about is if you don't pay your bill on
> time.
> 
>> Asterisk is "NOT SUPPORTED" by the SIP provider.
> 
> The REGISTER request was successful so, at least from a practical standpoint,
> the provider does support Asterisk.  It would be ideal if all providers
> officially supported Asterisk, but this is just one example of how it's not
> worth trying to please everyone.

I know that the SIP provider is being overly diligent to prevent toll-fraud,
but some of their complaints about normal SIP communications have been
outrageous.  

I don't want to go into it, but KDDI has actually complained that the REPLY
to the 401 was too fast.
 
>> Does anyone in the Asterisk community know how to avoid sending the
>> credentials until AFTER receiving a 401?
> 
> Edit the source.  I'm sorry to be blunt, but I really can't see the developers
> adding another option to "sip.conf" just to satisfy such a pointless request.
> 
>> Any suggestions would be appreciated!
> 
> Ask the provider what platforms are "supported".  Pick one of them and use it
> to
> configure the "useragent" and "sdpsession" options in "sip.conf".  Or look for
> another provider that doesn't waste your time complaining about RFC-compliant
> behavior.  

KDDI does provide a list of supported equipment and vendors.  Specific
hardware or license based software products that quickly become cost
prohibitive.

I doubt that Asterisk will find it's way on the list any time soon.  Because
KDDI follows the traditional "big telco" method of interoperability, which
normally means licensing products for use on their network.

> Regards,
> 
> Matthew Roth
> InterMedia Marketing Solutions
> Software Engineer and Systems Developer
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>                http://www.asterisk.org/hello
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list