Re: [SR-Users] TLS and SIP

JC> Good point. A quick test shows that contacting asterisk-11 over tls/tcp JC> negotiates rsa key exchange; kamailio does better and agrees to ECDHE-RSA. JC> If the trace is of kama talking to asterisk ephemeral is not likely. Sorry. I forgot which thread this was on, making the above irelevant. As such, it is more likely than not that the tls used an ephemeral suite. In that case, to debug it, one'd have to edit kama'a tls module to leak the incoming and outgoing session keys (probably to a file) and then, AFAICT, edit wireshark to let one specify a session key to decrypt the encrytped tls session. Just be sure never to use the leaker in production. -JimC -- James Cloos <cloos(a)jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6