SIP 302 Moved Temporarily vs 438 Invalid Identity Header
SIP 302 (Moved Temporarily) is a 3xx Redirection response, while 438 (Invalid Identity Header) is a 4xx Client Failure response. 302 indicates that the callee has temporarily moved to a different address. The client should retry the request at the Contact address but continue using the original URI for future requests. In contrast, 438 means that the server obtained the certificate from the Identity-Info header but the signature in the Identity header is invalid.
Description
The callee has temporarily moved to a different address. The client should retry the request at the Contact address but continue using the original URI for future requests.
When You See It
When a user is temporarily reachable at a different location, such as when traveling or using a different device.
How to Fix
Redirect the current call to the Contact URI provided, but keep the original URI for future requests.
Description
The server obtained the certificate from the Identity-Info header but the signature in the Identity header is invalid.
When You See It
When the cryptographic signature in the Identity header does not match the message content, indicating possible tampering.
How to Fix
Regenerate the Identity header with a correct signature. Ensure no intermediary is modifying signed headers after signing.
Key Differences
302 is a 3xx Redirection response, while 438 is a 4xx Client Failure response.
SIP 302: The callee has temporarily moved to a different address. The client should retry the request at the Contact address but continue using the original URI for future requests.
SIP 438: The server obtained the certificate from the Identity-Info header but the signature in the Identity header is invalid.
You encounter 302 when when a user is temporarily reachable at a different location, such as when traveling or using a different device.
You encounter 438 when when the cryptographic signature in the Identity header does not match the message content, indicating possible tampering.
When to Use Which
For 302 (Moved Temporarily): Redirect the current call to the Contact URI provided, but keep the original URI for future requests. For 438 (Invalid Identity Header): Regenerate the Identity header with a correct signature. Ensure no intermediary is modifying signed headers after signing.