RFC 3329, "Security Mechanism Agreement for the Session Initiation Protocol (SIP)", January 2003Source of RFC: sip (rai)
Errata ID: 2170
Status: Held for Document Update
Publication Format(s) : TEXT
Reported By: Peter Dawes
Date Reported: 2010-04-23
Held for Document Update by: Robert Sparks
Section 4.2 says:
The second INVITE (4) and the ACK (8) contain a Security-Verify header field that mirrors the Security-Server header field received in the 421.
It should say:
The second INVITE (4) contains a Security-Verify header field that mirrors the Security-Server header field received in the 421.
RFC 3329 Section 2.6, Table 1: Summary of Header Usage. indicates that Security-Client, Security-Server, Security-Verify are "Not applicable" to the SIP ACK request.
RFC 3261 says "Not applicable" means that the header field MUST NOT be present in a request. If one is placed in a request by mistake, it MUST be ignored by the UAS receiving the request."