[Users] user authentication with certificate

i understand, minisip softphone can initiate TLS connection. and it can be authenticated by the openser via digest authentication. is it possible to use certificate instead of digest authentication? -- Girish On Fri, 2005-10-14 at 08:28 +0000, users-request(a)openser.org wrote: > Send Users mailing list submissions to > users(a)openser.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://openser.org/cgi-bin/mailman/listinfo/users > or, via email, send a message with subject or body 'help' to > users-request(a)openser.org > > You can reach the person managing the list at > users-owner(a)openser.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Users digest..." > > > Today's Topics: > > 1. Re: Re: [Serusers] trusting peers (Juha Heinanen) > 2. Re: different tables for acc (Klaus Darilion) > 3. Re: Improving TLS implementation (Cesc) > 4. Re: Improving TLS implementation (Juha Heinanen) > 5. Softphones compatible with Openser/TLS (Joonbum Byun) > 6. Re: Softphones compatible with Openser/TLS (Klaus Darilion) > 7. Re: Softphones compatible with Openser/TLS (Cesc) > 8. Re: BYE method accompanied by error (Daniel-Constantin Mierla) > 9. Re: How to do RADIUS authentication with hashed password (MD5 > or HA1)? (Bogdan-Andrei Iancu) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 13 Oct 2005 13:55:37 +0300 > From: Juha Heinanen &lt;jh(a)tutpro.com&gt; > Subject: Re: [Users] Re: [Serusers] trusting peers > To: Klaus Darilion &lt;klaus.mailinglists(a)pernau.at&gt; > Cc: Nils Ohlmeier &lt;lists(a)ohlmeier.org&gt;rg>, serusers(a)iptel.org, Jan Janak > &lt;jan(a)iptel.org&gt;rg>, "users openser.org" &lt;users(a)openser.org&gt; > Message-ID: &lt;17230.15657.441146.200770(a)rautu.tutpro.com&gt; > Content-Type: text/plain; charset=us-ascii > > Klaus Darilion writes: > > > e.g. simmilar to allow_trusted, but using the domain form the > > certificate instead of using src_ip. > > yes, it would be easy to add such a check to permissions module. > > -- juha > > > > ------------------------------ > > Message: 2 > Date: Thu, 13 Oct 2005 14:30:46 +0200 > From: Klaus Darilion &lt;klaus.mailinglists(a)pernau.at&gt; > Subject: Re: [Users] different tables for acc > To: jayesh nambiar &lt;jayesh_1017(a)yahoo.com&gt; > Cc: SER &lt;users(a)openser.org&gt; > Message-ID: &lt;434E5376.2000902(a)pernau.at&gt; > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > No. Only one table for all costumers. > > klaus > > jayesh nambiar wrote: > > hi all, > > I came to kno about the parameter modparam("acc", "db_table_acc", > > "acc_table"). > > Does this mean that I can have different acc tables for my different > > type of customers. Is this possible. > > If yes, then how? If i declare the appropriate flag and then use setflag > > at the places i want to account, will it work. > > Can someone please explain it to me. Any suggestions would help me a lot. > > Thanx > > jayesh > > > > ------------------------------------------------------------------------ > > Yahoo! Music Unlimited - Access over 1 million songs. Try it free. > > <http://pa.yahoo.com/*http://us.rd.yahoo.com/evt=36035/*http://music.yahoo.com/unlimited/> > > > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Users mailing list > > Users(a)openser.org > > http://openser.org/cgi-bin/mailman/listinfo/users > > > > > ------------------------------ > > Message: 3 > Date: Thu, 13 Oct 2005 14:53:25 +0200 > From: Cesc &lt;cesc.santa(a)gmail.com&gt; > Subject: Re: [Users] Improving TLS implementation > To: Juha Heinanen &lt;jh(a)tutpro.com&gt; > Cc: SER-Users &lt;serusers(a)iptel.org&gt;rg>, OpenSER-users &lt;users(a)openser.org&gt; > Message-ID: > &lt;ce8208420510130553r371591aeib5f43a7674b109b(a)mail.gmail.com&gt; > Content-Type: text/plain; charset="utf-8" > > Hi Juha, > Well, that is true, but what do you propose then? just present a host cert > and nothing else? I would say that if the company trust the hosting for > running the service, a mere certficate should not be the problem, should it? > Cesc > > On 10/13/05, Juha Heinanen &lt;jh(a)tutpro.com&gt; wrote: > > > > cesc, > > > > you made a good summary, but in multi-domain case, it is not just a > > technical problem on how to present or offer a domain specific > > certificate. in order to be able to do that, the domains have to > > surrender their private keying information to a provider that currently > > happens to host their sip service, and to another provider that hosts > > their web service, and to third provider that hosts their e-commerce > > service, etc. > > > > in most cases, this is simply out of question. companies are not going > > to do it. > > > > -- juha > > >