[sr-dev] TLS: Sip-Routers adds a Record-Route with "sip" scheme rather than "sips"
Olle E. Johansson
oej at edvina.net
Wed Jul 6 13:33:48 CEST 2011
6 jul 2011 kl. 13.12 skrev Iñaki Baz Castillo:
> 2011/7/6 Olle E. Johansson <oej at edvina.net>:
>> Yes. SIPS: doesn't really help anyone and showing a padlock on the phone is a broken model here.
>
> I agree that SIPS is a pain. But that's is the standard.
The question: for what? :-)
I agree that SIPS is useful, but when and for whom?
- is this something we only use in infrastructure?
- or is this something a client can use to set up a "secure call" ?
You can clearly mandate yourself that anything using SIP: should run over TLS.
You can implement SIPS in outbound proxys and stuff.
Do we have good documentation on how Kamailio handles SIPS uri's in
- request uri's
- contacts for registration
- route headers
- via headers
etc etc...
Which error codes are used if I have a via header with SIPS and kamailio can't set up a secure connection to the upstream SIP server?
In the kamailio team, we should at least have one policy for how to support it and how to handle TLS certificate verification.
/O
More information about the sr-dev
mailing list