Re: [SR-Users] TLS and SIP

JC>> If you record the full packet trace, wireshark can use your privkey.pem JC>> to decode the tls handshake, recover the session key, and use that to JC>> decode the payload packets. FC> This is true if you are not using an ephemeral Diffie Hellman cypher suite. Good point. A quick test shows that contacting asterisk-11 over tls/tcp negotiates rsa key exchange; kamailio does better and agrees to ECDHE-RSA. If the trace is of kama talking to asterisk ephemeral is not likely. Asterisk-12 may be better; I cannot test right now. Nor can I test freeswitch. -JimC -- James Cloos <cloos(a)jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6