Paul: Carolyn wrote: >No. TLS Peer is an optional add on to apply permissions to calls coming in >from a trusted peer. Otherwise they come in with no permissions, and rules >that don't require permissions work. TLS Peer has nothing to do with TLS >authentication (which is done by adding the appropriate CA).
So it sounds like the optional TLS Peer need only be created to apply permissions. Therefore, it is pointless to create a TLS Peer without associating a permissions with it, although it won't be "wrong" to do so. I think this is where Paul thinks why it would be confusing. Since it is not "wrong", perhaps a warning to the user is more appropriate ?? Please comment. Thanks, Carson -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Beeton, Carolyn (Carolyn) Sent: Monday, June 14, 2010 10:32 AM To: Mossman, Paul (Paul); WORLEY, Dale R (Dale); [email protected] Subject: Re: [sipX-dev] XX-8534 -- TLS Peers must have at least one enabled Call Permission to be have any effect > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Mossman, > Paul (Paul) > Sent: Monday, June 14, 2010 10:10 AM > To: WORLEY, Dale R (Dale); [email protected] > Subject: Re: [sipX-dev] XX-8534 -- TLS Peers must have at least one > enabled Call Permission to be have any effect > > Dale wrote: > > I was looking at XX-8534 (TLS Peers must have at least one enabled > > Call Permission to be have any effect) and I thought that the issue > > might be incorrect. It seems to me to be possible that an > > administrator might want to have a proper TLS connection > between two > > sipXecs systems, but have calls incoming through the > connection have > > no permissions, that is, they can only contact local phones. > > Just to confirm... Calls between the two systems fail (at the TLS > connection level) if they don't each have the other configured as a > TLS Peer? > > > -Paul > [email protected] No. TLS Peer is an optional add on to apply permissions to calls coming in from a trusted peer. Otherwise they come in with no permissions, and rules that don't require permissions work. TLS Peer has nothing to do with TLS authentication (which is done by adding the appropriate CA). Carolyn _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/ _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
