[Asterisk-Security] Opportunistic encryption
Duane
duane at e164.org
Fri Jul 21 18:26:23 MST 2006
Enzo Michelangeli wrote:
> X.509 opens the can of worms of certification chains, authorities etc. Most
Hasn't stopped SMTP-TLS from going full steam ahead...
> importantly, how would a certificate issued by a trusted third party ensure
> that your peer does not eavesdrop the calls? If you know nothing about the
> remote server, you can't know if it's friend or foe either. At that point,
> why have authentication in first place?
Because it lets you move forward to using particular CAs in future,
getting people to do something from which a stepping stone can lead to
something better in future...
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://e164.org - Because e164.arpa is a tax on VoIP
"In the long run the pessimist may be proved right,
but the optimist has a better time on the trip."
More information about the Asterisk-Security
mailing list