<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_extra">
<div class="gmail_quote">
<div>Section 8.6.3 of RFC 5456 is "CALLING ANI": <a href="http://tools.ietf.org/html/rfc5456" target="_blank">http://tools.ietf.org/html/rfc5456</a>. I'm guessing that isn't what you were referring to.</div>
</div></div></div></blockquote><div><br></div><div>Sorry for typo, I meant section 8.6.13<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div class="gmail_extra"><div class="gmail_quote"><div>Here's what I'd recommend:</div><div><ul><li>In Asterisk 12, patch chan_iax2 to emit a WARNING if auth=plaintext is used. That WARNING should tell a user that the option is deprecated.<br>
</li><ul><li>Additionally, add a note in UPGRADE that the plaintext option has been deprecated.</li></ul><li> In trunk (Asterisk 13), remove support for "plaintext". This means:</li><ul><li>
If a user specified "plaintext", emit an ERROR and reject loading chan_iax2. Users should not be allowed to load the channel driver with an invalid configuration, and you don't want to "help them" with their authentication options.</li>
<li>Remove support for plaintext authentication in the code.</li><li>Add a note in UPGRADE that support for plaintext has been removed.</li></ul></ul></div></div></div></div></blockquote><br></div>Sounds fine for me.<br>
<br></div><div class="gmail_extra">I made a patch for 12 that emits a warning if auth methoid is set to plaintext, or plaintext is one of auth methods.<br></div><div class="gmail_extra">I'm going to test it and then upload it to the ticket ASTERISK-22820</div>
<div class="gmail_extra"><br>Additionally, warning is emitted every time plaintext auth is sent or accepted. Why? The tricky thing with deprecation is what auth methods we set as default. As far as I can see inside sources, if auth= parameter is omitted, auth methods are set to "md5 first, then plaintext".<br>
</div><div class="gmail_extra">So, if we leave auth= at defaults, and other side has auth=plaintext, we will see warning anyway.<br><br></div><div class="gmail_extra">Patch adds note to UPGRADE.txt too.<br>
</div></div>