2012/12/11 Olle E. Johansson <o...@edvina.net>: > In addition there is a lot of missing pieces to get SIPS: to work. LIke how a > proxy > can signal back to the originating UA that it could not set up a TLS > connection because > the certificate of the next hop was bad/expired/not signed by approved CA or > something else.
And there are more issues (I hate to remember them) that make SIPS unfeasible. > After ten years, I think SIPS as a uri scheme is a lost cause. This does NOT > mean that > TLS is a lost cause, but I think we can't leave the decision about security > to the end point > user - and they can't decide whether or not they want to place a request for > "secure signalling" in their > call setup. The WebRTC way is better, just make every call more secure. Well, WebRTC just defines the media plane (which MUST be SRTP-DTLS) but the signaling plane is up to the application/web provider, which can be as secure (or insecure) as any SIP or HTTP deployment. Cheers. -- Iñaki Baz Castillo <i...@aliax.net> _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
