I agree with Olle that the common "pass the buck" attitude is wrong,
although in this case I don't believe securing the messages should be
mandatory. Often the communication between servers will be over a
private/secure network and the user should be allowed to disable it if they
deem it an unnecessary overhead.

Either way, the ability to use TLS where required is a definite must, so
I'll go away and look into that now.

Thanks for the comments,

Charles



On 29 October 2013 11:45, Peter Dunkley <[email protected]>wrote:

> I don't know what would be involved in pushing DMQ messages through TLS as
> I am not familiar with the routing DMQ messages take through the Kamailio
> stack.
>
> I don't think that TLS should be mandatory for DMQ, just as it is not
> mandatory for SIP.  My thinking was just that if there is a way to
> configure DMQ to use TLS (perhaps by just putting "tls:" on the front of
> the server address) it would be a good thing.
>
> Regards,
>
> Peter
>
>
> On 29 October 2013 11:36, Charles Chance <[email protected]>wrote:
>
>>
>> On 29 October 2013 11:24, Alex Balashov <[email protected]>
>>  wrote:
>>
>> It's not my decision, but personally, I'd leave this to the user to
>>> secure, just like everything else that is kind of IPC in nature (database
>>> connections, HTTP queries, etc originating from script).
>>>
>>>
>> I'm inclined to agree. The DMQ module is indeed IPC in nature, so by
>> default I would expect to be responsible for securing that communication at
>> network layer. But still I question myself, is this the correct approach.
>>
>> Charles
>>
>>
>> www.sipcentric.com
>>
>> Follow us on twitter @sipcentric <http://twitter.com/sipcentric>
>>
>> Sipcentric Ltd. Company registered in England & Wales no. 7365592. Registered
>> office: Unit 10 iBIC, Birmingham Science Park, Holt Court South, Birmingham
>> B7 4EJ.
>>
>> _______________________________________________
>> sr-dev mailing list
>> [email protected]
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>>
>>
>
>
> --
> Peter Dunkley
> Technical Director
>  Crocodile RCS Ltd
>
> _______________________________________________
> sr-dev mailing list
> [email protected]
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>
>

-- 
www.sipcentric.com

Follow us on twitter @sipcentric <http://twitter.com/sipcentric>

Sipcentric Ltd. Company registered in England & Wales no. 7365592. Registered 
office: Unit 10 iBIC, Birmingham Science Park, Holt Court South, Birmingham 
B7 4EJ.
_______________________________________________
sr-dev mailing list
[email protected]
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

Reply via email to