HP-UX C SIP Stack Programmer's Guide (Novembery 2007)
Authentication 185
10
AUTHENTICATION
INTRODUCTION The authentication mechanism enables a User Agent Client (UAC) to prove
authenticity to servers or proxies which require authentication. The SIP Stack
supports SIP authentication using the HTTP Digest Scheme as described in
RFC 3261 and RFC 2617. The SIP Stack authenticator object (authenticator) is
responsible for applying the authentication mechanism in both the client and
server authentication process. Client authentication is done above the User
Agent layer; server authentication is done above the User Agent layer or the
Transaction layer.
SHARED SECRET A basic concept of the authentication mechanism is the shared secret between
the User Agent Client (UAC) and the server or proxy. Prior to establishing SIP
communication, the UAC should obtain a user name and password that the
server acknowledges. The password is a shared secret between the UAC and the
server.
DIGEST
A
UTHENTICATION WITH
MD5
The Digest Authentication method implemented by the SIP Stack uses the MD5
algorithm in the authentication process. MD5 is a one-way hash function that
operates on a given string and produces a fixed-length hash value.
AUTHENTICATION
PROCESS
A SIP server verifies UAC authenticity using the HTTP Digest Scheme as
follows: