Inaki, how can we deal with this scenario: Client uses TLS to the proxy. Between proxy and gateway UDP is used.
In a deprecated way I would use: INVITE sip:12345@domain Route: sip:domain;transport=tls Contact: sip:1.2.3.4:5678;transport=tls In the standardized way I think I have to use: INVITE sip:12345@domain Route: sips:domain;transport=tcp Contact: sips:1.2.3.4:5678;transport=tcp Thus, reINVITE would have RURI with "sips". Wouldn't this imply that all the way TLS must be used and reINVITE fail as the gateway only supports UDP? regards Klaus Am 06.07.2011 10:32, schrieb Iñaki Baz Castillo: > 2011/7/6 Klaus Darilion <[email protected]>: >> If you do not change the RURI but add a Route header with "sips:" then >> it would influence only the next hop. > > Mmmm, imagine this INVITE sent by a UA via TLS: > > INVITE sip:[email protected] > Via: SIP/2.0/TLS > Route: <sips:myproxy> > Contact: <sip:[email protected]> > > In this case, the UA would send the INVITE via TCP but in-dialog > request from the remote would be delivered by the proxy to alice via > UDP (the Contact header). > > AFAIK RFC 5630 states that, in order to send a request via TLS > (without requiring security in all the path) the UAC must use: > > INVITE sip:[email protected] > Via: SIP/2.0/TLS > Contact: <sips:[email protected]> > > > _______________________________________________ sr-dev mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
