[OpenSIPS-Users] nonce password

Maxim Sobolev sobomax at sippysoft.com
Thu Nov 3 10:02:55 UTC 2022


Richard, as part of the RFC8760 work we've changed the nonce algorithm to be
more secure and not expose as much info to a potential attacker, starting
with 3.1. It also prevents qop/algorithm "downgrade" attacks on a stateless
proxy. But as Bogdan pointed out, there are some options to ignore
validation of the nonce and just verify the digest, which might provide some
help in your situation.

-Maksym


On Wed, Nov 2, 2022, 11:18 AM Richard Revels via Users <
users at lists.opensips.org> wrote:

> If I set a nonce password on an opensips 3.x proxy and the same one on an
> opensips 2.x proxy, is it expected behaviour that it still won't match if
> a call starts on opensips 2, is challenged, then the INVITE is sent to the
> opensips 3 proxy?
>
> Richard Revels  •  System Architect II
>
> 900 Main Campus Drive, Suite 100, Raleigh, NC 27606
>
>
>
> m: 919-578-3421  •  o: 919-727-4614
>
> e: rrevels at bandwidth.com