OK, I got it. The replay vulnerability only happens when key exchange is done via unencrypted SIP. I understand that with TLS the Invite message cannot be replayed as it cannot be seen in clear text.
Brian West schrieb: > Its called TLS... > > /b > > On Oct 21, 2008, at 4:30 PM, Peter P GMX wrote: > > >> In our environment DTMF is of course transported via SRTP so this is >> more secure (although the key exchange by SDES is known to have >> security >> issues, as rtp streams may be replayed by a 3rd party, there is no >> replay prevention mechanism in SDES and therefore also not in >> freeswitch, hein?). >> > > > _______________________________________________ > Freeswitch-users mailing list > [email protected] > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users > http://www.freeswitch.org > > _______________________________________________ Freeswitch-users mailing list [email protected] http://lists.freeswitch.org/mailman/listinfo/freeswitch-users UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users http://www.freeswitch.org
