10 Oct
2011
10 Oct
'11
4:58 p.m.
2011/10/10 Juha Heinanen <jh(a)tutpro.com>om>:
Indeed. And honestly I don't like that at all.
That's not security, it's just "local policy". Mandating the audio
through a RTP tunnel is not "security".
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
For platforms
where you want some sort of integrity check in the
message, like with S/MIME or SIP Identity, rewriting the message will
break security. If we want to build secure platforms in SIP, we need
to find solutions that doesn't require SDP and SIP rewrites in the
proxys.
based on my observations from many users and also based what kind of new
modules people have written for sr lately, there is more and more
tendency towards adding b2bua kind of stuff to sip proxy. if you want
a secure solution, better not to use proxy at all, but some kind of p2p
protocol.
But nobody here is proposing RFC 5626 for security ;)
The point here is that, by implementing RFC 5626, a proxy does NOT
mangle the headers so, other proxies or UA's can verify the integrity
of the request (for example using Identity header). If the proxy
rewrites a header then forget Identity mechanism.
One thing I
realized the other night during a SIP discussion was that
Ice doesn't allow
a network provider to implement a policy. I don't think a proxy can't
say "442 Always use media relay"
and force the client to drop local addresses, like if there's a
requirement for lawful
intercept in the network. That will be something that needs to be
added to ICE.
making it yet more complex. forget proxy if you want end-to-end
security.