[OpenSIPS-Devel] [OpenSIPS-Users] OpenSIPS @ SIPNOC 2019
volga629 at networklab.ca
volga629 at networklab.ca
Tue Nov 26 08:24:45 EST 2019
Good Luck, very important mission.
You might willing bring to the table some improvement for the effort to
provide better availability for CA list and peer verification process.
If SIPNOC willing to organize web service where all involved parties
will be able to register and go through verify process as trusted
telco or voip provider.
And then expose API from telcos or voip providers end points only (
must have fixed end point ip) to get verification information for CA
list or peer information.
That will have minimal impact on on application layer and will provide
true trusted source of verification process.
1.3.3. ca_list (string)
Path to a file containing trusted CA certificates for the
verifier. The certificates must be in PEM format, one after
Example 1.3. Set ca_list parameter
modparam("stir_shaken", "ca_list", "/stir_certs/ca_list.pem")
On Tue, Nov 26, 2019 at 14:31, Bogdan-Andrei Iancu
<bogdan at opensips.org> wrote:
> Hi All
> On 5th of December, I will talk at
> 2019  about the new STIR/SHAKENimplementation  in OpenSIPS 3.1,
> about the usage models and the associated risks.
>  <https://www.sipforum.org/news-events/sipnoc-2019-overview/>
> 10:45am – 11:15am: The Usage Models and Risks of STIR/SHAKEN, Seen
> from the Pragmatism of an Implementation.
> There are many things still to be defined and settled in STIR/SHAKEN
> from the regulatory perspective. Nevertheless, this presentation
> wants to bring this topic under scrutiny from the point of view of an
> implementation in the OpenSIPS SIP Server. So, what are the possible
> STIR/SHAKEN usage scenarios from the perspective of how the SIP
> traffic is handled and, more important, how the certificates are
> managed. While a SIP server may cover the full horizontal of
> authorization, inspection and verification processes, it is more
> relevant to see what are the possible models when comes to
> certificate managing. And definitely there is a need for coexistence
> between a certificate-agnostic model and a certificate self-managing
> model, in order to answer to future standardization and usage
> challenges. ITSP, Telcos and Carries are to deploy and use
> STIR/SHAKEN implementations in the real word, so are they fully
> aware of the security and performance risks introduced by such a
> service? Well, the exercise of producing such a STIR/SHAKEN
> implementation is a good way to answer these questions and get
> yourselves ready.
> See you in Washington!
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developer
> OpenSIPS Bootcamp Pre-Registration
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Devel