15 Oct
2007
15 Oct
'07
11:36 a.m.
El Monday 15 October 2007 11:26:16 Klaus Darilion escribió:
Authentication of in-dialog requests in SIP is broken
- you can not rely
on the From/To headers.
I can rely on "From" since if I authenticate a caller and do
"check_from()" I
can be sure there is not spoof.
But I need to know the dialog original URI domain in order to allow or not a
REFER.
Because of this issue I need to store dialog info with original URI.
--
Iñaki Baz Castillo
ibc(a)in.ilimit.es