[Asterisk-Security] Opportunistic encryption
Enzo Michelangeli
enzomich at gmail.com
Sun Jul 23 20:20:21 MST 2006
------ Original Message -----
From: "Duane" <duane at e164.org>
Sent: Monday, July 24, 2006 2:10 AM
> For what it's worth I have a howto written up about setting up asterisk
> with SRTP etc...
>
> http://www.e164.org/wiki/AsteriskSRTP
Thanks. But how is a common session key established in this case? If it is
randomly generated and transmitted in cleartext in the SDP content, as it
appears from http://bugs.digium.com/view.php?id=5413 (use of "a=crypto ....
inline:....), then the method only makes sense with SIP-over-TLS.
Enzo
More information about the Asterisk-Security
mailing list