6 Jul
2011
6 Jul
'11
1:28 p.m.
Inaki, how can we deal with this scenario:
Client uses TLS to the proxy. Between proxy and gateway UDP is used.
In a deprecated way I would use:
INVITE sip:12345@domain
Route: sip:domain;transport=tls
Contact: sip:1.2.3.4:5678;transport=tls
In the standardized way I think I have to use:
INVITE sip:12345@domain
Route: sips:domain;transport=tcp
Contact: sips:1.2.3.4:5678;transport=tcp
Thus, reINVITE would have RURI with "sips". Wouldn't this imply that all
the way TLS must be used and reINVITE fail as the gateway only supports UDP?
regards
Klaus
Am 06.07.2011 10:32, schrieb IƱaki Baz Castillo:
2011/7/6 Klaus Darilion
<klaus.mailinglists(a)pernau.at>at>:
If you do not change the RURI but add a Route
header with "sips:" then
it would influence only the next hop.
Mmmm, imagine this INVITE sent by a UA via TLS:
INVITE sip:bob@domain.com
Via: SIP/2.0/TLS
Route: <sips:myproxy>
Contact: <sip:alice@1.2.3.4>
In this case, the UA would send the INVITE via TCP but in-dialog
request from the remote would be delivered by the proxy to alice via
UDP (the Contact header).
AFAIK RFC 5630 states that, in order to send a request via TLS
(without requiring security in all the path) the UAC must use:
INVITE sip:bob@domain.com
Via: SIP/2.0/TLS
Contact: <sips:alice@1.2.3.4>