[asterisk-dev] AstriDevCon Recap - IAX2 RENEW for encryption
Mihai Balea
mihai at hates.ms
Thu May 31 12:39:37 MST 2007
On May 31, 2007, at 12:14 PM, Russell Bryant wrote:
>
>
> A RENEW can be explicitly acknowledged by a peer using an ACK, or
> it can be implicitly acknowledged by the peer sending its own
> RENEW. Also, it
I think it would be better if we require an ACK for each RENEW.
RENEWs are supposed to be transmitted reliably, which means we need
to know whether we need to retransmit or timeout the call. Consider
this situation:
- A sends a RENEW
- B sends a RENEW, independently of A
- A's RENEW gets lost on the network
- B's RENEW is received by A
In this case A believes that B has acknowledged his RENEW and starts
using the new encryption key. At the same time it will remove the
RENEW frame from the retransmission queue. When A transmits his next
full frame, the oseqno will be incremented. Since B never got the
RENEW, he will infer (correctly) that a full frame has been lost and
will issue a VNAK. When A receives the VNAK, he will not be able to
retransmit the RENEW and the call is compromised.
Having a consistent way of handling reliable messages will also make
the implementation easier.
Mihai
More information about the asterisk-dev
mailing list