[asterisk-users] Asterisk encrypted authentication for clients
Jeff LaCoursiere
jeff at jeff.net
Thu Oct 29 15:11:38 CDT 2015
On 10/28/2015 06:37 PM, Pete Mundy wrote:
> Hi Motty,
>
> Isn't the whole point of the nonce in a SIP registration to ensure the
> secret doesn't go on the wire in plain-text? Is this not enough, or
> are you looking to hide the username too?
>
> (if so, fair 'nuf, just wondering why :)
>
> Pete
>
> Ps, if so then I think TLS is the missing part of your equation.
>
> On 29/10/2015, at 11:54 AM, Motty <motty.cruz at gmail.com
> <mailto:motty.cruz at gmail.com>> wrote:
>
>> Hello,
>> I am searching for a solution to encrypt authentication from Asterisk
>> server to clients. Searching srtp seem to encrypt traffic, I just
>> want client authentication with encryption. Can someone point to the
>> right direction? has anybody used ZRTP? experience with ZRTP?
>>
>> Thanks,
>> _motty
>
>
You want SIP over TLS. That encrypts the signalling. SRTP and ZRTP
encrypt the actual voice traffic.
Cheers,
j
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151029/3d77e9db/attachment.html>
More information about the asterisk-users
mailing list