[asterisk-dev] Paid support - Asterisk - Direct media - SRTP
Olle E. Johansson
oej at edvina.net
Wed Mar 26 07:26:27 CDT 2014
On 26 Mar 2014, at 12:09, "Listas\" Nivaldo Montenegro Junior" <listasjr at digivox.com.br> <listasjr at digivox.com.br> wrote:
> Hi,
>
> So, It's not possible to implement using asterisk. The best solution is use a SIP Proxy? Using a SIP Proxy the internal calls (exten to exten) will not be processed by Asterisk. The SIP Proxy will handle that and Only calls that goes to PSTN will be handled by Asterisk, right?
>
That depends on how you build the architecture. What you describe is one solution.
From a security standpoint, a server like Asterisk is a MITM-attack box. That's what a PBX is. If you want confidentiality in the calls between two phones, you do not involve a PBX unless you trust it a lot.
/O
> Regards,
>
> Nivaldo Montenegro Júnior
>
> Em 26/03/2014 03:48, "Olle E. Johansson" <oej at edvina.net> escreveu:
>
> On 26 Mar 2014, at 02:41, "Listas\" Nivaldo Montenegro Junior" <listasjr at digivox.com.br> <listasjr at digivox.com.br> wrote:
>
>> Hi,
>>
>> We are looking for a developer or asterisk consultant to implement the direct media setup on Asterisk using TLS and SRTP.
>> We tested using SIP + RTP and it works fine with the parameter directmedia=yes. But when we enable the SRTP, this stops to work.
> For SRTP to work peer to peer you need to have the key exchange either going through Asterisk or in the media stream, like DTLS. It may be easier to use a SIP proxy to get the key exchange to work properly.
>
> To facilitate SDES key exchange through Asterisk involves a lot of issues, which from a security standpoint are rather scary. Asterisk will offer someone else's keys and need to switch back and forth during the call.
>
> Anything can be done though, it's just source code. :-)
>
> /O
>>
>> We are very interested in this project and we will pay for it.
>>
>> If any one has interest on this project, please send me an e-mail to junior at digivox.com.br.
>>
>>
>> Thanks,
>>
>>
>> --
>> Nivaldo Montenegro Júnior
>> Diretor de TI&C
>> Digivox Soluções de Comunicação Ltda
>> ( + 55 83 4009-8195
>> ( + 55 83 4009-8199 - fax
>> ( + 55 83 9179-8195 - celular (VIVO)
>> : junior at digivox.com.br
>> : www.digivox.com.br
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> asterisk-dev mailing list
>> To UNSUBSCRIBE or update options visit:
>> http://lists.digium.com/mailman/listinfo/asterisk-dev
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20140326/ea88721d/attachment.html>
More information about the asterisk-dev
mailing list