[asterisk-bugs] [Asterisk 0005413]: [branch] Secure RTP (SRTP)
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri Jan 9 06:34:26 CST 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=5413
======================================================================
Reported By: mikma
Assigned To: otherwiseguy
======================================================================
Project: Asterisk
Issue ID: 5413
Category: Channels/chan_sip/NewFeature
Reproducibility: N/A
Severity: feature
Priority: normal
Status: assigned
Target Version: 1.6.3
Asterisk Version: SVN
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!): 48491
Disclaimer on File?: Yes
Request Review:
======================================================================
Date Submitted: 2005-10-09 10:36 CDT
Last Modified: 2009-01-09 06:34 CST
======================================================================
Summary: [branch] Secure RTP (SRTP)
Description:
This patch adds initial support for secure RTP using libsrt[1]. It can
be used in for example an implementation of the sdecriptions draft[2].
[1] http://srtp.sourceforge.net/srtp.html
[2]
http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
Update (17/12/2008): Branch against trunk is located here
http://svn.digium.com/svn/asterisk/team/group/srtp
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0010129 Module SRTP can't loaded
======================================================================
----------------------------------------------------------------------
(0097268) notthematrix (reporter) - 2009-01-09 06:34
http://bugs.digium.com/view.php?id=5413#c97268
----------------------------------------------------------------------
why should calls not be encrypted by default?
If the device supports it use encryption.
a other way to support it might be using the USERAGENT if it was possible
to make a settings DB based on the user agent , you could set the auth en
encrytion type in the flaver of the phones you support.
but personaly I think that enforced encryption is the best way if you want
security.
we use ht-503 boxes and ht-502 and have srtp enforced,
this solves the problem with unwanted clear lines
if no encryption the call will fail.
so making a list with phones that support encryption based on user agent
is a good option you have to make that list your self offcource.
but if you switch phones on the same account/peer this could be a working
way to set srtp. but again I dont see the use of TLS whitout SRTP.....
Issue History
Date Modified Username Field Change
======================================================================
2009-01-09 06:34 notthematrix Note Added: 0097268
======================================================================
More information about the asterisk-bugs
mailing list