On Sun, 4 Jan 2009, Juha Heinanen wrote:
Aymeric Moizard writes:
If you have a 100% working trick, I'll be interested to learn it! Very interested!
no, i don't have 100% working trick, but normal means cover 90+% of the cases. trying to avoid needless use of rtp proxy for the remainder is not worth of the extreme complexity that comes with ice.
So the 10% calls are the one that use relay when they should not? right? I'm pretty convinced this is not a true value. Anyway, I don't think this is a problem of number here.
Let's describe a case:
I send an INVITE and encrypt the SDP. I'm behind a symmetric NAT. I'm calling somebody (a UA of course) who is able to decrypt it.
Whatever trick you provide, I will not have always voice (except if ICE is supported or if the NAT are kind with me)
Conclusion: I'm forced to provide UA and ask my customer to NOT encrypt their signalling. NEVER encrypt their signalling.
i don't understand what you try to say in above. sip works fine over the internet today.
SIP works today **if**: * no security * no SIP message integrity is used * sip server are well configured (...) * sip server is not compliant (modifying contact and SDP...)
My conclusion is that it's not acceptable. I want my applications to do security and I don't want to be dependant on badly configured servers.
I don't want "SIP works today **if**", I want "SIP works today."
I just need a SIP compliant internet infrastructure.
tks, Aymeric MOIZARD / ANTISIP amsip - http://www.antisip.com osip2 - http://www.osip.org eXosip2 - http://savannah.nongnu.org/projects/exosip/
-- juha