Wireshark-dev: Re: [Wireshark-dev] Adding verification functionality to SIP dissector
From: Guy Harris <[email protected]>
Date: Thu, 23 Feb 2017 15:27:03 -0800
On Feb 23, 2017, at 1:21 PM, Peter Wu <[email protected]> wrote:

> Validation of the protocol fields (like checksums) can be done without
> external input and would be nice. On violation, these could add "expert
> info" to the tree.
> But for Authorization digests in SIP, this would require external input
> (credentials), possibly through a preference (filename or UAT). I think
> it is better as separate script (since the input format can be different
> depending on the user), but wouldn't object if a patch is proposed.

802.11 and SSL decryption also require external input, so it's not as if we don't do anything requiring external input.