[Freeswitch-users] TLS receiving calls

Kristian Kielhofner kkielhofner at star2star.com
Tue Dec 2 11:03:41 PST 2008


On 12/2/08, Anthony Minessale <anthony.minessale at gmail.com> wrote:
> Naturally, either way is stupid.

  Word.

> The whole idea of putting the transport in a uri param is equally stupid to
> using 2 different protocol names but since SIP is the descendant of http
> they decided to stick with the stupidity of http/https and have sip/sips
> which is almost as if it was designed to break all software trying to keep
> up with url syntax.

  Too late now.

> If they are going to insist on using text params you'd think something like
> transport=foo;security=tls would be even *more* flexible in case alternate
> methods to encrypt crop up.

  I can agree with you here...

  URI parameters in SIP have come to be the catch all for random junk
that doesn't seem to fit anywhere else.  Note that "random junk"
includes everything from transport, to number portability, to CICs, to
ISUP-OLI and on.

  Even in my world setting up proxies, UAs, etc to parse out the
various crap people put in SIP URI params is a hassle.  A big one.

  What a mess!!!

> This is, of course, the first step into a lengthy 12 hour discussion on how
> stupid SIP and url/text based protocols are.

  I like them but I'm weird.

> I dare someone to crank up the pcap on a box doing SIP presence for 20
> phones and "read" the 1200 byte messages with all kinds of hieroglyphic
> url syntax and embedded xml payloads and write up a paper on how much
> "sense" it makes to have it be "readable".

  I do it all the time.  I think it's quite usable.  ngrep provides a
small enough binary and the ability to match on text.  Certainly
easier to use, especially on embedded systems without the luxury of
dedicated protocol decoders.  With a simple ngrep binary I can debug
any text based protocol I understand.

  Of course, turn on TLS and see how useful *any* of these tools are...

  The core SIP spec and authors can't be blamed for the various junk
people have been putting in SIP bodies.  If what's going on in the
real world is any indication, that ship sailed long ago.  At this
point as long as implementations can at least handle multi-part
sensibly and everyone specifies the correct MIME type I don't really
care.

  Even nastier examples abound - embedded, encapsulated ISUP!  How
about GTD?  What about Linksys phones using SIP INFO to serve
directories?  Man I could go on and on...

  I'm not going to write a paper about it but I don't think it's that
bad.  Maybe I'm not just weird; maybe I'm a masochist! :)

> PS
>
> supposedly sofia can support sctp,
> someone should try it.

  That would be cool.  For anyone wanting to try, various SERs support
SCTP.  Cisco gateways do too.

-- 
Kristian Kielhofner
http://blog.krisk.org
http://www.submityoursip.com
http://www.astlinux.org
http://www.star2star.com



