Hello! Deutsche Telekom introduced sips and srtp. I tested it and it works partly. Partly means: sips is working - but not srtp. srtp doesn't work, because of missing additional headers in the REGISTER and INVITE packages (according an enhancement of RFC 3329).
Example: UAC Registrar | | |----(1) REGISTER------------------------------>| | Security-Client: sdes-srtp;mediasec | | Proxy-Require: mediasec | | Require: mediasec | | | |<---(2) 401------------------------------------| | Security-Server: msrp-tls;mediasec | | Security-Server: sdes-srtp;mediasec | | Security-Server: dtls-srtp;mediasec | | | |----(3) REGISTER(with Authorization Header)--->| | Security-Client: sdes-srtp;mediasec | | Proxy-Require: mediasec | | Require: mediasec | | Security-Verify: msrp-tls;mediasec | | Security-Verify: sdes-srtp;mediasec | | Security-Verify: dtls-srtp;mediasec | | | |<---(4) 200 OK---------------------------------| | | | | |----(5) INVITE-------------------------------->| | Security-Verify: msrp-tls;mediasec | | Security-Verify: sdes-srtp;mediasec | | Security-Verify: dtls-srtp;mediasec | | a=3ge2ae:requested | | a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:EpcgtOdT5qd... | | |<---(8) 200 OK---------------------------------| | a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:lnfakjh2sd1.. You can find a complete description here (english language): https://www.telekom.de/hilfe/downloads/1tr114.pdf The example can be found on page 115. They need those mediasec parameters because of there compatibility with the 3GPP standards (http://www.qtc.jp/3GPP/Specs/33328-920.pdf) which would require an additional signaling of the media plane security. Is this already implemented or did I miss something else? Thanks, regards, Michael -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
