On 31 October 2013 14:07, Olle E. Johansson <oej@edvina.net> wrote:


Hitting me with my own argument and code, that's cheating Peter :-)


It's fun to play dirty once in a while :-)
 
Well, DMQ is one very strange and advanced module, I admit that. Like I said earlier I think my discussion now is more generic to how we communicate and build the product. I'm trying to change the attitude in a large group of stubborn engineers, including most of me, myself and I...


I certainly favour having security (and easy to use security) as a goal.  But one of the things I like about Kamailio is the flexibility.  For example, secure signalling is harder to trace (that's kind of the point), so when building a network I will tend do so with security disabled (or at least not enforced) so that I can make sure I am happy with the routing, and then tighten things up before I let other people on it.

 
Having said that, I haven't forgotten that I need to work on your to-do-list, Peter. TLS connection verification is one of the items high on that list.

 
Indeed.  Currently my personal hit-list for Kamailio 4.2 is:
  • auth_ephemeral secrets in a database table
  • per-message/frame deflate for WebSockets
  • validation of outbound TLS connections
  • SIP DANE
And if there is time I'd like to do some more work on MSRP too :-)
 
/O :-)

_______________________________________________
sr-dev mailing list
sr-dev@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev




--
Peter Dunkley
Technical Director
Crocodile RCS Ltd