[asterisk-dev] Asterisk 11; WEBRTC firefox nightly build fingeprint sha-256
jcolp at digium.com
Wed Jan 9 06:28:18 CST 2013
Mitja Kaučič wrote:
> I understand. But how can then the config setting dtlscipher work. In
> default config there is stated: dtlscipher =<SSL cipher string> ;
> Cipher to use for TLS negotiation;
> ; A list of valid SSL cipher strings can be found at:
> http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS in the
> list SHA256 is also listed.
That's because we use OpenSSL for DTLS support. Whatever your OpenSSL is
built with is supported.
> But in the Chan_sip.c code methode "process_sdp_a_dtls" only "sha-1"
> is supported on reading the SDP, there could be issue coming from
> this. In the end there will be diffrend types of fingerprint for
> sure, gogole talks something about SHA-224. There shuld be more/all
> encryptions supported.
Sure. Like I've said once stuff stabilizes then it can be revisited.
Just a clarification though - the fingerprint isn't used for encryption.
It's for verification purposes.
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-dev