26 Feb
2009
26 Feb
'09
11:24 a.m.
26 feb 2009 kl. 10.10 skrev Daniel-Constantin Mierla:
Hello,
On 02/26/2009 09:34 AM, Johansson Olle E wrote:
The original SIPS spec was very vague here. IPsec was among the
"approved solutions". Also note
that the requirements did not require any protection on the last hop.
Kamailio is allowed to use
UDP on a SIPS uri when calling a registered phone.
I haven't had time to go through the changes in the latest update, but
it was supposed to fix a
lot of these issues.
The document I need to re-read and store in parsed format somewhere in
my memory storage is:
http://www.ietf.org/internet-drafts/draft-ietf-sip-sips-09.txt
" This document provides clarifications and guidelines concerning the
use of the SIPS URI scheme in the Session Initiation Protocol (SIP).
It also makes normative changes to SIP."
"1. Introduction
The meaning and usage of the SIPS URI scheme and of TLS [RFC5246] is
underspecified in SIP [RFC3261] and has been a source of confusion for
implementers. This document provides clarifications and guidelines
concerning the use of the SIPS URI scheme in the Session Initiation
Protocol (SIP). It also makes normative changes to SIP (including both
[RFC3261] and [RFC3608]."
/O
25 feb 2009 kl. 11.05 skrev Henning Westerholt:
what I tried to figure out in one of my previous emails, is:
- does sips requires TLS only, or can be any form of secure
communication channel, e.g., ipsec? SIPS is the secure variant of SIP, it uses TLS to
encrypt its data.
Actually both SIP: and SIPS: can be protected by TLS. The
difference is that a SIPS: url *request* TLS.