[Kamailio-Users] Secure VoIP

Daniel-Constantin Mierla miconda at gmail.com
Thu Feb 26 18:00:45 CET 2009


On 02/26/2009 06:40 PM, Klaus Darilion wrote:
> Iñaki Baz Castillo wrote:
>   
>> 2009/2/26 Olle E. Johansson <oej at edvina.net>:
>>     
>>> This is a problem I realize at every SIPit. The implementations are far away
>>> from the IETF world. And the gap doesn't seem to close.
>>>
>>> Basic stuff like DNS is not understood or used by many SIPit attendees so
>>> even trying to mention NAPTR is too complex, and it's necessary for many
>>> security scenarious.
>>>       
>> RFC 3263 (Locating SIP Servers) is really complex, NAPTR is really
>> complex, and it's not needed in 99% of current SIP deployments, so
>> vendors don't implement it. If a SIP provider whises to use NAPTR
>> records then all its clients should implement it in their SIP phones
>> (obviously this is unfeasible for no
>>     
>
>
> I tend to disagree. I always hate to configure stuff like outbound proxy 
> and protocol in a SIP client. If all client supports NAPTRs then it 
> would be sufficient to configure in your client only the AoR and password.
>
> And people which understand SIP should be able to understand DNS too
>   
a proper DNS implementation in SIP phones would be a big step forward in 
terms of service scalability and reliability. I would love to see that live.

However, being out there so many phones without such support, it is 
practically unusable since service providers won't deploy different 
server solutions for each group of devices, so they stick to one size 
fits all and that is not DNS for now.

Proper DNS support should be enforced somehow (who knows how?!?) before 
anything else. At the end, DNS drives the IP world.

Cheers,
Daniel

-- 
Daniel-Constantin Mierla
http://www.asipto.com





More information about the sr-users mailing list