Re: [Sip] SIPit23 Survey Notes

Fri, 24 Oct 2008 13:34:40 -0700 

Hi Klaus -
The number represents endpoints that could actually emit a SIP message over IPSec at the event, not just ones that would work if IPSec happened to be the part of the transport. Its a measure of what the available implementations can be configured to do. 


What it doesn't capture is the tight-coupling w/ the IPSec  
implementation that's required to support, for instance, Digest-AKA as  
used in IMS. I don't have that statistic from this event, but based on  
conversations and observations at past events, the number would be non- 
zero but small.


RjS


On Oct 24, 2008, at 10:51 AM, Klaus Darilion wrote:




Thomas Froment schrieb:

Klaus Darilion wrote:

Hi Robert!

Robert Sparks schrieb:


19% supported SIP over IPSec



What do you mean with "SIP over IPSec"? Every protocol runs over  
IPSec as it is transparent to the application.

Well, SIP over IPsec is not really "transparent" to the SIP  
implementation:
when you want to send a request over an IPSec SA, you MUST be able  
to choose what is the source interface / source port and  
destination interface / destination port. This is not something so  
easy to implement at SIP transport level.



I still do not get it. You can use IPSec without any additional  
interfaces. If the IPSec implementation creates tunnel interfaces,  
that may cause problems to SIP client. But then the problem is due  
to tunnel interfaces (which can be anything, not only IPsec), not  
due to IPSec.



So if the SIP client does not care if the communication is secured  
with IPsec, then every client should work over IPsec too.


So the question is still - what means "supported SIP over IPSec"?


Does it mean, "Is the SIP client capable of retrieving IPsec  
information from the kernel to find out if a message will be sent  
via IPsec secured way?


regards
klaus
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip


_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip






















					Reply via email to