Fabio Pietrosanti wrote:
Brian Capouch ha scritto:
IAX encryption has been working for over a month now. I am not
qualified to audit it, but as far as "workability" I haven't
encountered any major problems.
Great! Could you point out some documentation about the design and/or
functionality and/or configuration?
I would be glad to propose it to opensource audit community on other
mailing lists
It is essentially undocumented, which of course is a big problem.
I'm not qualified to do it, by the way.
Basically it's an automatic features (CVS-HEAD only, btw) where anytime
a pair of IAX peers have encryption set to "yes" (or, as I understand
it, a mutually-agreed-upon and supported algorithm) then it just happens
automagically.
The code is in the various files that govern IAX in ~/channels.
B.
_______________________________________________
Asterisk-Security mailing list
[email protected]
http://lists.digium.com/mailman/listinfo/asterisk-security
