James Cloos wrote:
"JColp" == Joshua Colp<[email protected]> writes:
JColp> The media is not carried over the SIP signaling,
Please give some credit, eh?
Given the sdp-negotiated srtp is not secure unless the sip is carried
over tls, the Best Practice is to require tls (or even sips: uris) to
agree to srtp.
If you are referring to SDES then yes, unless you can consider the
network completely trusted even without TLS.
Are you saying that asterisk doesn't care whether the sip is secure and
will happily negotiate srtp depending only on whether the remote is
willing to do so? (That may come off as harsh; I do not mean it to be
so, since it is what I want. :)
Yes.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
