08-19-2013 12:04 PM - edited 03-18-2019 01:39 AM
I'm using a bunch of VCSes with software version 6.1. I just empirically found that VCS does not support SHA-1 for device registration. From 3 different methods our software supports VCS always selectes MD5, which is not FIPS-compliant. VCS supports SHA-1 for web and SIP communications, so why not for device registration? It would be even more peculiar since 2005 Tandberg Gatekeeper has no problems with accepting both MD5 and SHA-1 hashes.
Am I missing something? I cannot find any explict information about passwords digest methods for device registration, and no way to configure it...
Also, does VCS have FIPS-2 certification?
08-19-2013 05:43 PM
Hi Marek,
I think SIP digest authentication with MD5 is defined in SIP RFC 3261. There is a plan for upcoming version of VCS to support FIPS.
Rgds
Alok
08-21-2013 08:04 AM
Alok,
VCS SIP authentication supports SHA1, as does the SSL access to VCS web interface. I'm interested in "device authentication" in H323 mode. When presented with selection of MD5 and SHA1 VCS always chooses MD5. When I send SHA1 digest, VCS rejects registration.
As I said, the 2005 version of TANDBERG gatekeeper software accepts SHA1 digest, so I've hard time to believe that VCS does not. I would like authoritative answer if this is VCS-side problem (no support for SHA1 for device authentication) or something in my code.
thanks,
Marek
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide