<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/1173/">https://reviewboard.asterisk.org/r/1173/</a>
</td>
</tr>
</table>
<br />
<pre style="white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">First, I don't like to have a security setting that may downgrade a connection. That has to be controlled by the dial plan and not just happen hidden in the code. So the "try" option should go away in my opinion. Secondly, don't overload configuration options with two settings in one option, separate them. It's not extensible in the future and very confusing to teach people. /O</pre>
<br />
<p>- Olle E</p>
<br />
<p>On July 24th, 2011, 6:45 a.m., irroot wrote:</p>
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers.</div>
<div>By irroot.</div>
<p style="color: grey;"><i>Updated July 24, 2011, 6:45 a.m.</i></p>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">change the encruption option to tristate with optional bit setting
also make this a global option.
qwell sugests a second option for bitlen have no problem with that.
4.1 Crypto-suites
A crypto-suite value appears as the first parameter in a=crypto. The
CRYPTO-SUITE value MAY be different for SRTP and SRTCP as described
in Section 4.2. If a receiver does not support the particular
crypto-suite, then the receiver MUST NOT participate in the media
stream and SHOULD log an "unrecognized crypto-suite" condition
unless the receiver is participating in an Offer/Answer exchange
(Section 5). RTP/SAVP has four crypto-suites as described below.
4.1.1 AES_CM_128_HMAC_SHA1_80
This is the SRTP default AES Counter Mode cipher and HMAC-SHA1
message authentication having a 80-bit authentication tag. The
encryption and authentication key lengths are 128 bits. The master
salt value is 112 bits and the session salt value is 112 bits. The
PRF is the default SRTP pseudo-random function that uses AES Counter
Mode with a 128-bit key length.
4.1.2 AES_CM_128_HMAC_SHA1_32
The SRTP AES Counter Mode cipher is used with HMAC-SHA1 message
authentication having an 32-bit authentication tag. The encryption
and authentication key lengths are 128 bits. The master salt value
is 112 bits and the session salt value is 112 bits. These values
apply to SRTP and to SRTCP. The PRF is the default SRTP pseudo-
random function that uses AES Counter Mode with a 128-bit key
length.
4.1.3 F8_128_HMAC_SHA1_80
The SRTP f8 cipher is used with HMAC-SHA1 message authentication
having a 80-bit authentication tag. The encryption and
authentication key lengths are 128 bits. The master salt value is
112 bits and the session salt value is 112 bits. The PRF is the
default SRTP pseudo-random function that uses AES Counter Mode with
a 128-bit key length.
4.1.4 F8_128_HMAC_SHA1_32
The SRTP f8 cipher is used with HMAC-SHA1 message authentication
having a 32-bit authentication tag. The encryption and
authentication key lengths are 128 bits. The master salt value is
112 bits and the session salt value is 112 bits. The PRF is the
default SRTP pseudo-random function that uses AES Counter Mode with
a 128-bit key length. </pre>
</td>
</tr>
</table>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Bugs: </b>
<a href="https://issues.asterisk.org/jira/browse/19335">19335</a>
</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/trunk/channels/sip/include/sdp_crypto.h <span style="color: grey">(329388)</span></li>
<li>/trunk/channels/sip/include/sip.h <span style="color: grey">(329388)</span></li>
<li>/trunk/channels/sip/include/srtp.h <span style="color: grey">(329388)</span></li>
<li>/trunk/channels/sip/sdp_crypto.c <span style="color: grey">(329388)</span></li>
<li>/trunk/CHANGES <span style="color: grey">(329388)</span></li>
<li>/trunk/channels/chan_sip.c <span style="color: grey">(329388)</span></li>
<li>/trunk/configs/sip.conf.sample <span style="color: grey">(329388)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/1173/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>