[asterisk-users] OT: certificate for softphone
Olle E. Johansson
oej at edvina.net
Wed Nov 10 01:38:21 CST 2010
6 nov 2010 kl. 15.30 skrev Hans Witvliet:
> Hi all,
>
> As stated in the subject, slightly off-topic, as it is not directly a
> Asterisk issue, but more SIP in general
>
> Because security in general, and specifically identification becomes
> more and more a subject for more concern, and Asterisk is capable of
> doing sip/TLS, i was wondering what more could be done to improve
> security.
>
> Specially softphones, might it be possible to employ etokens or
> smartcards for holding the certificates needed by TLS?
>
> Done before?
In the SIP protocol there is support for TLS client certificates, much like in HTTP.
Asterisk doesn't support it. You need to put a SIP proxy like Kamailio in front of Asterisk to get this kind of strong authentication.
/O
More information about the asterisk-users
mailing list