[Asterisk-Security] Opportunistic encryption
Duane
duane at e164.org
Sat Jul 22 22:42:47 MST 2006
Duane wrote:
> Enzo Michelangeli wrote:
>> You mean David McGrew's BSD-licensed libSRTP
>> (http://srtp.sourceforge.net/srtp.html )? That's the same that Phil Z.'s
>
> Yes and no, yes because it uses libSRTP, and no because I'm talking
> about an asterisk SRTP branch that already has the SRTP stuff already
> implemented to some degree...
>
> http://bugs.digium.com/view.php?id=5413
I finally got the SRTP branch up and running on 2 servers and *I think*
I answered my own question...
Sticking:
Set(_SIP_SRTP_SDES=optional)
prior to dialing, I sent an unauthenticated call between 2 asterisk
servers and using tethereal to inspect packets it recognised a normal
SIP call, but displayed unknown for sip packets between my test servers.
All that's left now is for me to build debian packages, anyone have a
suitable ./debian patch lying about for the SRTP branch?
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://e164.org - Because e164.arpa is a tax on VoIP
"In the long run the pessimist may be proved right,
but the optimist has a better time on the trip."
More information about the Asterisk-Security
mailing list