> Mathew Frank wrote: > > > Its, fast, lightweight, UDP, and will encrypt the entire contents of iax2 > > packets. > > > > Comments? > > It can't give feed back to the application about states beyond the > current link, some of the people posting on this wanted to demand end to > end encryption and be sure they were getting exactly that...
Actually I see this as a red herring for any encrypted tunnel - this is something that the asterisk box needs to handle anyway, and not a function of the transport layer itself - see below. As has already been mentioned, asterisk deals with a number of different connection method - including POTS, as well as the various VOIP protecols - and on that basis I am in favour of the various connection security options already mentioned (required, if available, etc). On that basis the Asterisk box has the ability to evaluate all transport methods, on the basis of encryption or not, and hence make that decision. ANOTHER THOUGHT: I would have to say that in my home office, I would not be concerned about unencryped SIP, or AIX2 on my protected, local network, because I am the only one on it - however a "all encrypted" connection option would in theory block a call to me here, unless I could override settings somehow, in which case if they were overridable. That would bring in a trust issue with the operators of Asterisk servers, tho if you can`t trust the server operator, then you are screwed anyway. Unless of course, the encryption was truly end to end - in which case the asterisk server in the middle could not decrypt it. I don`t see how this would be implementable though. Which leads to another question: realisticly, how many asterisk servers is a call going to route through accross the internet? I would have thought that would be only one - any that that would be a waste, and a source of excess lag. Are we worried about a secondary asterisk server inside a corporation that needs to be encrypted? Cheers, Mathew _______________________________________________ Asterisk-Dev mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-dev To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
