<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Ok looks like the token is not used at all in digest auth. This is the first time I have seen a device send back something other than auth or auth-int.<div><br></div><div>/b</div><div><br><div><div>On Feb 14, 2010, at 11:09 PM, Mark Campbell-Smith wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Helvetica; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; ">A little more testing. I noticed that the Authorization field<br>differs when TCP or UDP:<br><br>UDP (fails)<br>Digest username=\"2010\", realm=\"mydns.dyndns.org\",<br>nonce=\"e5f119c6-19e9-11df-bd09-773b7a755f78\",<br>uri=\"<a href="sip:mydns.dyndns.org:5060/">sip:mydns.dyndns.org:5060\</a>",<br>response=\"e37be3e49c159d4f98e8bd04b36f2bd7\", algorithm=MD5,<br>qop=\"1fffcc9f\"<br><br>TCP (works)<br>Digest username=\"2010\",realm=\"mydns.dyndns.org\",nonce=\"5d9e75c2-19ea-11df-bd0b-773b7a755f78\",uri=\"<a href="sip:mydns.dyndns.org:5060/">sip:mydns.dyndns.org:5060\</a>",algorithm=MD5,response=\"45ba55d3fbafcbf2bc2aa6418656ecc2\",qop=auth,nc=00000001,cnonce=\"3a650454\"<br><br>Is qop = 1fffcc9f valid in SIP? Does a cnonce need to be included also?<br><br>FS sends qop=auth in the Unauthorized response.<br><br>Thanks</span></blockquote></div><br></div></body></html>