[asterisk-users] Asterisk encrypted authentication for clients

Jeff LaCoursiere jeff at jeff.net
Thu Oct 29 15:11:38 CDT 2015

On 10/28/2015 06:37 PM, Pete Mundy wrote:
> Hi Motty,
> Isn't the whole point of the nonce in a SIP registration to ensure the 
> secret doesn't go on the wire in plain-text? Is this not enough, or 
> are you looking to hide the username too?
> (if so, fair 'nuf, just wondering why :)
> Pete
> Ps, if so then I think TLS is the missing part of your equation.
> On 29/10/2015, at 11:54 AM, Motty <motty.cruz at gmail.com 
> <mailto:motty.cruz at gmail.com>> wrote:
>> Hello,
>> I am searching for a solution to encrypt authentication from Asterisk 
>> server to clients. Searching srtp seem to encrypt traffic, I just 
>> want client authentication with encryption. Can someone point to the 
>> right direction? has anybody used ZRTP? experience with ZRTP?
>> Thanks,
>> _motty

You want SIP over TLS.  That encrypts the signalling.  SRTP and ZRTP 
encrypt the actual voice traffic.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151029/3d77e9db/attachment.html>

More information about the asterisk-users mailing list