I wrote some call flows in http://www.ietf.org/internet-drafts/draft-jennings-sip-sec-flows-01.txt
There is an open source stack www.resiprocate.org with working code that you can look at and use On 7/28/04 7:31 AM, "Lau Jason-A13484" <[EMAIL PROTECTED]> wrote: > Hi Todd, > Try reading up on the TLS (RFC2246/books) to learn the protocol and the role > X.509 certificates play in the TLS authentication/encryption. > > Think of TLS as a transport layer like TCP on which you send SIP msgs. > (actually, TLS is a another layer above TCP). There's an opensource openssl > APIs that you could use to setup TLS connections programmatically. > (http://www.openssl.org). Once the SSL connection is established, you > basically write to the ssl socket, just like you would write to a TCP socket. > > Hope that helps ... > -- Jason > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Todd Huang > Sent: Wednesday, July 28, 2004 7:16 AM > To: [EMAIL PROTECTED] > Subject: [Sip-implementors] SIP TLS > > > Hi: > > I am now trying to implement the SIP TLS transportation. Since I am new > to this field, I wish someone can give me any advice. > > As I know, SIP client should send its certificate to the Authentication > Server to get the key for encrypting the SIP messages. Who will bw the > Authentication Server? The SIP proxy server? Or a third party server is > needed? To protect the certificate, the SIP client need a 'shared secret' > between it and the server. How does the 'shared secret' be set? Manually > configuration or through public key exchange? > > By the way, does anyone know any document describing the call flow or > operation of the SIP transportation using TLS? > > Thanks. > > _________________________________________________________________ > Add photos to your messages with MSN 8. Get 2 months FREE*. > http://join.msn.com/?page=features/featuredemail > > _______________________________________________ > Sip-implementors mailing list > [EMAIL PROTECTED] > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors > _______________________________________________ > Sip-implementors mailing list > [EMAIL PROTECTED] > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
