/mcpDescription Setting If you check this check box, Unified Communications Manager challenges all SIP requests from the phone. Digest authentication does not provide a device authentication, integrity, or confidentiality. Choose a security mode of authenticated or encrypted to use these features. Enable Digest Authentication When this check box is checked, Unified Communications Manager encrypts the phone downloads from the TFTP server. This option exists for Cisco phones only. Tip We recommend that you enable this option and configure a symmetric key to secure digest credentials and administrative passwords. TFTP Encrypted Config This check box is available, when you choose Encrypted from the Device Security Profile drop-down list. When this check box is checked, Unified Communications Manager allows the device that is associated with the phone security profile to register on the SIP OAuth port. By default, this check box is unchecked. You can enable the SIP OAuth when: • Transport type is TLS. • Device security mode is encrypted. • Digest authentication is disabled. • Encrypted configuration is disabled. Note From Unified Communications Manager Release 12.5, Jabber devices support SIP OAuth authentication. Enable OAuth Authentication When this check box is checked, Unified Communications Manager omits digest credentials in the phone downloads from the TFTP server. This option exists for Cisco IP Phones, 7942, and 7962 (SIP only). Exclude Digest Credentials in Configuration File Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 147 Basic System Security Phone Security Profile Settings