Mohammad Halawah wrote: > Hello everyone, > ... > I know that Asterisk has a patch to enable SRTP with Sdecriptions as > mentioned in http://bugs.digium.com/view.php?id=5413 > > I know also that there is a working patch for TLS as Russel mentioned > (9th July 2007) in > http://lists.digium.com/pipermail/asterisk-dev/2007-July/028454.html > which is made for revision 88524 as can be seen in > http://svn.digium.com/svn/asterisk/team/bbryant/sip-tcptls. > > Additionally, in this link http://bugs.digium.com/view.php?id=4903 , I > found two patches dated after 9th July. > > I think that I can use asterisk on this link > http://svn.digium.com/svn/asterisk/team/bbryant/sip-tcptls/ and patch > it with the SRTP patch "ast_srtp_r81432_mikey_r3412.patch" located > here http://bugs.digium.com/view.php?id=5413 . Does that make sense? > > I would appreciate someone help me finding the right combination of > trunk/revision/patch. Thanks in advance. >
I haven't tried to apply the SRTP patch on the sip-tcptls branch, you may need to deal with conflicts since both touch chan_sip. An alternative approach is to use a SIP proxy to translate between TLS and UDP, for example openser or yxa. Of course you need to secure the link between Asterisk and the proxy, maybe by running both on the same host. I would like to add that the SRTP patch besides sdescriptions also supports MIKEY (Multimedia KEYing), which doesn't require a secure transport such as TLS or S/MIME. Regards, Mikael _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
