[asterisk-users] srtp/dtls when sip is clear over lo
Joshua Colp
jcolp at digium.com
Sat Apr 26 17:33:50 CDT 2014
James Cloos wrote:
>>>>>> "JColp" == Joshua Colp<jcolp at digium.com> writes:
>
> JColp> The media is not carried over the SIP signaling,
>
> Please give some credit, eh?
>
> Given the sdp-negotiated srtp is not secure unless the sip is carried
> over tls, the Best Practice is to require tls (or even sips: uris) to
> agree to srtp.
If you are referring to SDES then yes, unless you can consider the
network completely trusted even without TLS.
> Are you saying that asterisk doesn't care whether the sip is secure and
> will happily negotiate srtp depending only on whether the remote is
> willing to do so? (That may come off as harsh; I do not mean it to be
> so, since it is what I want. :)
Yes.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list