Enzo Michelangeli wrote:
X.509 opens the can of worms of certification chains, authorities etc. Most
Hasn't stopped SMTP-TLS from going full steam ahead...
importantly, how would a certificate issued by a trusted third party ensure that your peer does not eavesdrop the calls? If you know nothing about the remote server, you can't know if it's friend or foe either. At that point, why have authentication in first place?
Because it lets you move forward to using particular CAs in future, getting people to do something from which a stepping stone can lead to something better in future...
-- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- Asterisk-Security mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-security
