Am 18.08.2008 um 23:27 schrieb Peter Saint-Andre:
AFAICS, TLS enables us to use PGP keys (experimental, not yet supported in all TLS libraries), CA-issued certs, and self-signed certs (leap of faith). There's no SAS support in TLS yet but that might be developed down the line because, as discussed on the TLS list recently, members of the SIP community (and others) are interested in that feature.
That still means no implementation has it, thus the advantage of being able to just use one of the TLS implementations is gone. So we could as well try to get a cryptanalysis for ESessions for a cheap price and use Brandan Taylors implementation, for which he already offered to port it to C so others can use it with nearly no afford at all.
-- Jonathan
PGP.sig
Description: This is a digitally signed message part
