14 jan 2013 kl. 18:23 skrev Daniel Pocock daniel@pocock.com.au:
On 14/01/13 15:59, Klaus Darilion wrote:
The caller should use the NATPR and thus should use TLS. The SIPS+D2T does not requires the URI to be a SIPS URI.
That was my understanding too - do you feel it is always working this way in practice though with the major SIP proxies/PBXes? Or are any extra efforts (such as NAPTR for rewriting sip: to sips:) needed to help non-conforming implementations?
UPgrading from SIP: to SIPS has too many implications so you should propably never do that unless you really know what you want.
Transporting any SIP message over TLS doesn't require any changes to the actual messages and work just fine. If I add that one single NAPTR record I just state that if you want to SIP with my domain, you always have to reach me over TLS. Period. So your proxy will open a TLS session and that's fine and will not affect your first hop.
/O
See also the thread "NAPTR, SRV and sips vs. transport=tls" from 1.Dec.2012
Yes, I did see that previously but the focus of my question was slightly different, hence a new thread
regards Klaus
On 11.01.2013 18:45, Daniel Pocock wrote:
I'm just wondering if anyone can comment on expected and actual behavior if there is only a NAPTR record for TLS, e.g. I have:
sip5060.net. IN NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.sip5060.net.
and I don't have any entry for "SIP+D2U" or "SIP+D2T"
If some third party Kamailio instance (e.g. sip-server.example.org) receives a request from a user trying to call sip:user@sip5060.net, with a sip: rather than sips: URI, should it (and will it) use the "SIPS+D2T" result, if no other result is available?
Or would it ignore the NAPTR record and try to find the default SRV record such as _sip._udp.sip5060.net ?
Should there be another NAPTR record to translate sip: to sips: using a regex perhaps, or would such a NAPTR be a bad thing?
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users