[Freeswitch-users] Passwords in clear text
Peter P GMX
Prometheus001 at gmx.net
Thu Oct 23 04:07:03 PDT 2008
OK, I got it. The replay vulnerability only happens when key exchange is
done via unencrypted SIP. I understand that with TLS the Invite message
cannot be replayed as it cannot be seen in clear text.
Brian West schrieb:
> Its called TLS...
> On Oct 21, 2008, at 4:30 PM, Peter P GMX wrote:
>> In our environment DTMF is of course transported via SRTP so this is
>> more secure (although the key exchange by SDES is known to have
>> issues, as rtp streams may be replayed by a 3rd party, there is no
>> replay prevention mechanism in SDES and therefore also not in
>> freeswitch, hein?).
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
More information about the FreeSWITCH-users