[asterisk-dev] pjsip asterisk 13.24: sips / srtp and Deutsche Telekom doesn't work because of missing mediasec parameters
Malcolm Davenport
malcolmd at sangoma.com
Tue Jan 15 16:47:40 CST 2019
Howdy,
As Asterisk is an open source project, new capabilities are implemented by
many different individuals and organizations, each driven by their own
self-interests. We at Digium and Sangoma, who do represent a large share
of the development contributions to Asterisk, are happy to take any feature
requests under our own consideration. Anyone else could consider this
request, too. Speaking only for ourselves, we cannot, at this time, make
any commitment to implementing this feature. It is something we have to
consider, along with all of the other externally-generated, non-commercial
feature requests, and evaluate against our needs and availabilities.
Cheers
On Tue, Jan 15, 2019 at 4:04 PM Michael Maier <m1278468 at mailbox.org> wrote:
> On 15.01.19 at 20:27 Joshua C. Colp wrote:
> >
> >
> > On Tue, Jan 15, 2019, at 3:23 PM, Michael Maier wrote:
> >> Hello!
> >>
> >> Deutsche Telekom introduced sips and srtp. I tested it and it works
> >> partly. Partly means: sips is working - but not srtp. srtp doesn't
> >> work, because of missing additional
> >> headers in the REGISTER and INVITE packages (according an enhancement
> >> of RFC 3329).
> >>
> >>
> >> Example:
> >>
> >> UAC Registrar
> >> | |
> >> |----(1) REGISTER------------------------------>|
> >> | Security-Client: sdes-srtp;mediasec |
> >> | Proxy-Require: mediasec |
> >> | Require: mediasec |
> >> | |
> >> |<---(2) 401------------------------------------|
> >> | Security-Server: msrp-tls;mediasec |
> >> | Security-Server: sdes-srtp;mediasec |
> >> | Security-Server: dtls-srtp;mediasec |
> >> | |
> >> |----(3) REGISTER(with Authorization Header)--->|
> >> | Security-Client: sdes-srtp;mediasec |
> >> | Proxy-Require: mediasec |
> >> | Require: mediasec |
> >> | Security-Verify: msrp-tls;mediasec |
> >> | Security-Verify: sdes-srtp;mediasec |
> >> | Security-Verify: dtls-srtp;mediasec |
> >> | |
> >> |<---(4) 200 OK---------------------------------|
> >> | |
> >> | |
> >> |----(5) INVITE-------------------------------->|
> >> | Security-Verify: msrp-tls;mediasec |
> >> | Security-Verify: sdes-srtp;mediasec |
> >> | Security-Verify: dtls-srtp;mediasec |
> >> | a=3ge2ae:requested |
> >> | a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:EpcgtOdT5qd...
> >> | |
> >> |<---(8) 200 OK---------------------------------|
> >> | a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:lnfakjh2sd1..
> >>
> >>
> >>
> >> You can find a complete description here (english language):
> >> https://www.telekom.de/hilfe/downloads/1tr114.pdf
> >> The example can be found on page 115.
> >>
> >> They need those mediasec parameters because of there compatibility with
> >> the 3GPP standards
> >> (http://www.qtc.jp/3GPP/Specs/33328-920.pdf) which would require an
> >> additional signaling of the media plane security.
> >>
> >>
> >> Is this already implemented or did I miss something else?
> >
> > This is not implemented and I know of noone working on such a thing.
> >
>
> Would you please plan to implement it?
> Deutsche Telekom is the biggest player in Germany having 19 millions fixed
> lines and 25 millions mobile customers.
>
>
> Thanks,
> Michael
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
--
--------------------------------------------------
Malcolm Davenport
Digium - a Sangoma company | Senior Product Manager
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Tel/Fax: +1 256 428 6252
malcolmd at sangoma.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20190115/70056fa3/attachment-0001.html>
More information about the asterisk-dev
mailing list