[Freeswitch-users] ATA that supports TLS/SRTP w FS
Mark Campbell-Smith
mcampbellsmith at gmail.com
Thu Dec 3 14:34:29 PST 2009
Quote: Cisco/Linksys SPA series ATAs do not support SDES key exchange
to appropriately support SRTP and FreeSWITCH
I'll check with Cisco regarding their implementation then and try to
find out when/if they will support standard SRTP encryption.
So, back to my origianal question then. Are there any ATA's that
support TLS AND SRTP with FreeSwitch?
On Fri, Dec 4, 2009 at 9:17 AM, Gabriel Kuri <gkuri at ieee.org> wrote:
> AFAIK, the Cisco/Linksys SPA series ATAs do not support SDES key
> exchange to appropriately support SRTP and FreeSWITCH. They do their
> proprietary Sipura key exchange only, not sure if Cisco plans on
> upgrading the firmware to ever support SDES on the ATAs. They added
> support for SDES to their IP Phones about 1 year ago, but nothing has
> happened with the ATAs as of yet.
>
> Gabe
>
>
> On Thu, Dec 3, 2009 at 2:05 PM, Mark Campbell-Smith
> <mcampbellsmith at gmail.com> wrote:
>> Hi All,
>>
>> I managed to borrow a SPA3102 with the latest firmware and have got it
>> to register using TLS, but I am still struggling with SRTP. Has
>> anyone managed to get SRTP working with the Linksys devices and if so,
>> can they direct me on how to do this.
>>
>> I have generated a mini-certificates and SRTP Private Key using the
>> gen-mc tool found at
>> http://www.megajournal.ru/journal/users_data/11049/msg_files/24120/gen-mc.c-v0.98.tar.gz.mp3.
>> However, when ever I initiate a call from the SPA, I can see that the
>> call is not encrypted.
>>
>> Help appreciated.
>>
>> Thanks!
>>
>>
>> On Sat, Nov 28, 2009 at 6:31 AM, eman <eman at chabotel.com> wrote:
>>> Check out the Linksys SPA2102
>>>
>>> On Wed, Nov 25, 2009 at 3:34 AM, Mark Campbell-Smith
>>> <mcampbellsmith at gmail.com> wrote:
>>>>
>>>> The only ATA mentioned on the WIKI that supports TLS/SRTP is the
>>>> Grandstream HandyTone 503. But, again according to the wiki, that
>>>> doesn't seem to behave to well with TLS ...
>>>>
>>>> On Wed, Nov 25, 2009 at 7:14 PM, Jason White <jason at jasonjgw.net> wrote:
>>>> > Mark Campbell-Smith <mcampbellsmith at gmail.com> wrote:
>>>> >> Does the SPA3102 support TLS or only SRTP?
>>>> >
>>>> > I don't know, but supporting only SRTP would be ridiculous, since the
>>>> > keys
>>>> > would then be transmitted in the clear and therefore amenable to
>>>> > interception.
>>>> > SRTP requires the SIP channel to be encrypted by TLS in order to be
>>>> > secure.
>>>> > ZRTP, on the other hand, doesn't have this limitation: it works entirely
>>>> > in
>>>> > RTP.
>>>> >
>>>> > I would be rather surprised were a hardware manufacturer to implement
>>>> > SRTP
>>>> > without TLS for the SIP traffic. On the other hand, we've seen often in
>>>> > this
>>>> > forum that some manufacturers are really clueless...
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > FreeSWITCH-users mailing list
>>>> > FreeSWITCH-users at lists.freeswitch.org
>>>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> > http://www.freeswitch.org
>>>> >
>>>>
>>>> _______________________________________________
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>
>>>
>>> _______________________________________________
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>>
>>
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
More information about the FreeSWITCH-users
mailing list