[SR-Users] SIP-DTLS support
Martin Meadows
martin at netconfigs.com
Wed Jul 17 15:21:18 CEST 2019
Hi Henning,
Your willingness in principle is appreciated. However, despite the idea of SIP-DTLS having been around for years, the lack of obvious implementations suggests there is little enthusiasm for formal adoption. Were it more generally available, I believe usage would grow, and that may lead to formal adoption.
Presently, I can’t see SIP-DTLS happening unless a major platform goes out on a limb to adopt it, with others then following suite. Such a de-facto adoption could be good thing in the current climate of enhancing cyber-security.
Many thanks - Martin
> From: Henning Westerholt <hw at skalatan.de>
> Sent: 12 July 2019 21:13
> To: Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
> Cc: martin at netconfigs.com
> Subject: RE: [SR-Users] SIP-DTLS support
>
> Hi Martin,
>
> if there is an updated standard for SIP-DTLS (which I was also not able to find) this could be of course added to Kamailio. Somebody just needs to implement it, we are happy to review and contributions.
>
> Cheers,
>
> Henning
>
> --
> Henning Westerholt - https://skalatan.de/blog/
> Kamailio services - https://skalatan.de/services
>> From: sr-users <mailto:sr-users-bounces at lists.kamailio.org> On Behalf Of Aymeric Moizard
>> Sent: Monday, July 8, 2019 12:52 PM
>> To: Kamailio (SER) - Users Mailing List <mailto:sr-users at lists.kamailio.org>
>> Subject: Re: [SR-Users] SIP-DTLS support
>>
>> Hi Martin,
>>
>> I have implemented DTLS inside my open source -and closed source- code years ago.
>>
>> Obviously, not being used by anyone, this code is almost never tested. I can tell that
>> it worked in labs years ago and I don't think it was ever used in production by any one
>> that I know.
>>
>> To test on a linux:
>>
>> git clone https://git.savannah.gnu.org/git/osip.git
>> cd osip
>> ./autogen.sh
>> ./configure
>> make
>> sudo make install
>> cd ..
>>
>> THEN:
>>
>> git clone https://git.savannah.nongnu.org/git/exosip.git
>> cd exosip
>> ./autogen.sh
>> ./configure
>> make
>> sudo make install
>>
>> ./tools/sip_reg -d -p 3456 -r sip:http://sip.antisip.com -u mailto:sip%3Axxxx at sip.antisip.com -U xxxxx -P yyyyy -t DTLS
>>
>> I just fixed a crash upon failure... and pushed the change in git.
>>
>> Anyway, feel free to test! I have only started the above "sip_reg" test without any proxy listening behind.
>> Use your own kamailio and credentials!
>>
>> And let me know the results ;)
>> Aymeric
>>> Le lun. 8 juil. 2019 à 12:23, Martin Meadows <mailto:martin at netconfigs.com> a écrit :
>>> Hi, (repost in plaintext)
>>>
>>> I haven't found anything that follows up on that expired draft, except in
>>> the sips: rfc5630 section 3.1.4 that appears to explicitly preclude UDP.
>>>
>>> My issue is that a draft of BS8521part2 mandates TLS over UDP, and the
>>> closest I can see is sip-dtls over UDP but I'm struggling to find a clear
>>> declaration from within the sip community.
>>>
>>> If I encounter an phone/app supporting it, I shall post it here.
>>>
>>> Regards - Martin (phone)
>>>
>>>
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> mailto:sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>>
>>>
>>> --
>>> Antisip - http://www.antisip.com
More information about the sr-users
mailing list