[Asterisk-Users] New Asterisk bounty: SIP simultaneous

Martin List-Petersen martin+asterisk at list-petersen.net
Wed Jul 14 14:09:30 MST 2004


On Wed, 2004-07-14 at 07:55, Sunrise Ltd wrote:
> >Thats where we should go. [peer]s and [user]s being
> devices
> >(IMEI) and a new user architecture representing the IMSI.
> >We have accountcode now. It's not enough.
> 
> It may well be worth while implementing (parts of) the GSM
> IMSI specification into Asterisk. Combined with support
> for SIM card readers this would make it possible to use
> standard SIM cards to sign on to an Asterisk driven
> network.
> 
> Without the SIM card the devices could still log on to
> Asterisk, but they would be placed in a restricted
> context. Then, when a SIM card is inserted and
> authenticated, the account will be attached to the device
> and it will then be placed in the context associated with
> that user.

It should be enough to implement a seperate user layer for accounting and authentification purposes
based on password and/or public/private key authentification.

On the client side (hardphones / softphone on pc with smartcard-reader, like the ones build in notebooks today)
the implementation afterwards would be an easy task. Asterisk doesn't need to know anything about that. All
it would need is the authetification keys, that could be placed on the smart/sim-type card.

These readers are available in notebooks and should be quite inexpensive for other equipment manufacturers.
All it would need is to agree on a standard (doesn't have to involve asterisk) on how the keys would be stored
on the smartcards.

I quite like the approach, because you could give manufacturers and implementors the possibility to choose whatever
solution they like: smartcards, download keys to phone via tftp, put them on a usbkey etc.

All you should define is the format for the keys and the passcode format (typically digits, like the 4 digit pin
for simcards).

But asterisk only needs to handle user authenfication based on public/private keys. Everything else would be a 
seperate development.

Kind regards,
Martin LIst-Petersen




More information about the asterisk-users mailing list