HP VCX Software manual 175

Chapter 10. SIP Services

URI Encoding

When registering a SIP client on one side of the Telecommuting Module to a SIP server on the other side, the Contact header is normally encrypted and rewritten. By doing this, we make it possible for the SIP server to track when the same user is sending requests from different places. It is possible to turn encryption and rewriting off, and to shorten the encrypted URI in Contact headers passing through the Telecommuting Module.

Select what to do with Contact headers.

Always encrypt URIs will make the Telecommuting Module encrypt the entire Contact header URI.

Use shorter, encrypted URIs will make the Telecommuting Module generate a random string for the incoming Contact URI. This will then be used as the username part of the outgoing Contact header URI.

When you select this, the Telecommuting Module makes no checks of incoming SIP URIs. It becomes possible in theory to trick the Telecommuting Module to send SIP packets any- where, so security is drastically reduced.

Escape URIs will make the Telecommuting Module escape the entire original URI and use that as the username part of the outgoing Contact.

The encryption of a Contact URI is changed when the Call-ID changes, when the client gets a new IP address, or when the user changes its Contact URI.

When you select this, the Telecommuting Module makes no checks of incoming SIP URIs. It becomes possible in theory to trick the Telecommuting Module to send SIP packets any- where, so security is drastically reduced.

Keep username in URIs will make the Telecommuting Module keep the original username pare of the Contact URI, and only replace the domain part.

When you select this, it will be impossible for the remote SIP server to tell if requests for a certain user belong to one or several clients, as it has no means of telling the client registrations for a user apart. This means that if a user registers from two clients, and then unregisters from one of them, the SIP server will remove its only registration record for that user.

The Telecommuting Module also makes no checks of incoming SIP URIs. It becomes possible in theory to trick the Telecommuting Module to send SIP packets anywhere, so security is drastically reduced.

167