[Freeswitch-users] Updating TLS
Mehroz Ashraf
mehroz.ashraf85 at gmail.com
Fri Sep 13 15:29:11 MSD 2013
Agreed ! TLS/SSL seems to be not so important unless FS is capable of
providing security implementation in some form atleast. This is great,
when you JUST have to secure your communication.
but, NOT , when security is the only concern. I have been trying to
mature the TLS handshake on SUITE-B standard, but yet unsuccessful
acquiring so.
I believe that FS use openSSL for dealing with encryption methods and
therefore, I have taken it to the version 1.0.1e, which supports
TLS1.1 , 1.2 . But , FS doesnt verfiy those Cipher
[TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256].
I have already a jira ticket opened here:
http://jira.freeswitch.org/browse/FS-5719
On Fri, Sep 13, 2013 at 3:54 PM, Privus 007 <privus007 at gmail.com> wrote:
> Anyone have any thoughts or hints on this?
> Am I the only one interested in upgrading the security aspects of FS?
>
> Don't mean to be a pain, but I'm surprised at the apparent lack of
> interest.
>
>
> On Wed, Sep 11, 2013 at 8:09 PM, privs <privus007 at gmail.com> wrote:
>
>> Hi,
>>
>> Given the recent revelations regarding the state of the net's
>> (in)security,
>> and as a longtime user of TLS with SRTP in FS, I think it would be prudent
>> to update the TLS version and ciphers that FS can negotiate.
>>
>> Currently FS only supports TLS 1.0 (correct me if I'm wrong), which has
>> some worrying security issues
>> <http://www.wired.co.uk/news/archive/2013-02/05/weakness-in-tsl-protocol>
>> .
>> Is it possible to upgrade to TLS 1.1 (or even better, 1.2)? I'd like to
>> use
>> AES in the 256 key length instead of the standard 128.
>>
>> Anyone know if this is on the agenda and/or where I can have a closer look
>> at the cipher order presented by FS?
>>
>> Thanks
>>
>>
>>
>> --
>> View this message in context:
>> http://freeswitch-users.2379917.n2.nabble.com/Updating-TLS-tp7594774.html
>> Sent from the freeswitch-users mailing list archive at Nabble.com.
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130913/4729f1e9/attachment.html
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users
mailing list