[sr-dev] DMQ security

Peter Dunkley peter.dunkley at crocodilertc.net
Tue Oct 29 11:25:22 CET 2013


Are there any options for pushing the traffic through the TLS module?



On 29 October 2013 10:17, Charles Chance <charles.chance at sipcentric.com>wrote:

> Devs,
> I'm looking for some advice/opinions.
> Regarding security of the dmq messages between kamailios - currently it
> can be achieved by using a separate port (and/or ip) for dmq use and
> locking this down at firewall level. Of course, tls can be used to protect
> the content of the messages over the wire.
> So is this enough? Or should I look to implement some kind of
> authentication mechanism as well? Perhaps something as simple as a
> pre-shared key would suffice, assuming the messages are encrypted of
> course. Full digest authentication is way too heavy in my opinion.
> Any ideas? Or just leave it up to the user to secure it in network layer?
> Cheers,
> Charles
> www.sipcentric.com
> Follow us on twitter @sipcentric <http://twitter.com/sipcentric>
> Sipcentric Ltd. Company registered in England & Wales no. 7365592. Registered
> office: Unit 10 iBIC, Birmingham Science Park, Holt Court South, Birmingham
> B7 4EJ.
> _______________________________________________
> sr-dev mailing list
> sr-dev at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

Peter Dunkley
Technical Director
Crocodile RCS Ltd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20131029/4cfefad9/attachment.html>

More information about the sr-dev mailing list