Re: [Devel] Re: uac_auth - set credentials with avpops

Fri, 20 Jan 2006 07:45:59 -0800

I still do not see why you must use digest authentication. Using TLS with a certificate (signed by a well known CA or by the VoIP termination provider itself) gives the same authentication as using username/password. 

regards
klaus


Thomas Gelf wrote:

Klaus Darilion schrieb:
 > Have you tried other authentication mechanisms, e.g. TLS based?

I would really like to do so - tecnically there are lots of methods
ways better than rewriting each SIP packets credentials.

The problem is more a political than a tecnical one: Italy has
lots of very old laws, far away from reality - but in the last
time it looks as they would seriously like to win the European
"who-has-the-most-comprehensive-anti-terrorism-law"-competition.

No more free public internet access points, severe restrictions
regulating internet access in hotels, everybody has to log every-
thing forever and everyone could be prosecuted and punished for
everything and mostly for not satisfying our governments vague
regulations.

So as long as laws are there and nobody knows how to apply them
you could either

a) go on like you are already doing and hope that nobody will
   ever ask you if you did a good job in satisfying the new
   privacy/anti-terrorism/whatever-laws

b) try to make a lucky guess and immagine what government may
   exactly want you to do or

c) take the strongest measurements you could take to be absolutely
   sure to respect the law

There is a great uncertainty about how law should be applied and
our "VoIP/PSTN-Uplink-Provider" (DID-Provider, whatever - what's
the right term for such a kind of "uplink provider"?) at the moment
offers absolutely no way to do some kind of "SIP peering". We also
have to grant that we would take fotocopies from each VoIP users
valid identity card and and and...

Many thanks to Mr. Berlusconi and his friend Mr. Bush for making
our world that secure! What? You don't want government to control
every little step you are doing? Maybe you are in favour of child
porn and terrorism, aren't you?

Cheers,
Thomas


_______________________________________________
Devel mailing list
Devel@openser.org
http://openser.org/cgi-bin/mailman/listinfo/devel





_______________________________________________
Devel mailing list
Devel@openser.org
http://openser.org/cgi-bin/mailman/listinfo/devel

Reply via email to