Re: [asterisk-users] Asterisk encrypted authentication for clients

Pete Mundy Thu, 29 Oct 2015 21:20:07 -0700

Motty,

Isn't this why digest authentication (ie the nonce[1]) is part of the standard 
SIP auth handshake?

Ie, why do you think the password is not already encrypted?


Pete

[1] 
https://andrewjprokop.wordpress.com/2015/01/27/understanding-sip-authentication/
(paragraph starting 'Take a look at the Proxy-Authenticate header and you will 
see a Nonce parameter')


On 30/10/2015, at 10:01 AM, Motty <[email protected]> wrote:

> Thanks Jeff, 
> I don't want SIP over TLS. I would like to encrypt password only, I suppose 
> over TLS.
> 
> On 10/29/2015 01:11 PM, Jeff LaCoursiere wrote:
>> You want SIP over TLS.  That encrypts the signalling.  SRTP and ZRTP encrypt 
>> the actual voice traffic.

-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
               http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk encrypted authentication for clients

Reply via email to