[Freeswitch-users] TLS receiving calls

Kristian Kielhofner kkielhofner at star2star.com
Mon Dec 1 19:43:01 PST 2008


On 12/1/08, Thomas Troy <ttroy50 at gmail.com> wrote:
..snip..
>
> Out of interest do you have any links to anywhere this is discussed in terms
> of general sip implementations?
>

Uh oh, here we go again...

http://www.iana.org/assignments/sip-parameters
http://tools.ietf.org/html/rfc3969

https://lists.cs.columbia.edu/pipermail/sip-implementors/2005-August/010047.html

Implementation wise, most devices tend to use transport=tls:

SIPFoundry - From what I've seen
Snom
SERs
Asterisk (If you are using TLS)
Cisco - I *believe* you can use either a SIPS URI or the transport=tls
parameter for various SIP targets

  As the RFC (basically) states (RFC3261, section 12.1.x),
transport=tls was deprecated in RFC 3261 because you should also be
able to do TLS over SCTP (RFC3436), which makes transport=tls a bit
ambiguous. sips:user at domain;transport=tcp or
sips:user at domain;transport=sctp is a bit more flexible.

  I don't know if I've ever seen anything default to SIPS URIs.  I
also don't think I've ever specifically tried using them.  However, my
experience with TLS is admittedly somewhat limited so this shouldn't
be taken as gospel.  As you can see from the discussions on
sip-implementors, this gets interesting when different devices are
traversing a proxy using different URI schemes...

  However, I suspect this won't become an issue until most SIP
implementations support SCTP.  That should be exciting! ;)


-- 
Kristian Kielhofner
http://blog.krisk.org
http://www.submityoursip.com
http://www.astlinux.org
http://www.star2star.com




More information about the FreeSWITCH-users mailing list