[OpenSIPS-Users] [NEW Module] SIP Identity
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Fri Feb 20 18:27:04 CET 2009
and in my understanding, if a hope changes something in the body, It
should be authorized to do that and also it needs to update the Identity..
Regards,
Bogdan
Adrian Georgescu wrote:
> I imagine one would want to use this mechanism exactly between two
> legitimate hops to make sure that no intermediate has tempered with
> the messages, isn't it?
>
> Adrian
>
> Bogdan-Andrei Iancu wrote:
> > Hi Victor,
> >
> > I think this "limitation" is part of the mechanism :).
> >
> > it is the same as for secure sip and TLS
>
> not really -- changes to payload by legitimate SIP hops work with TLS
> but not with RFC4474.
> That was Victor's point.
>
> -jiri
>
> > - if you get on the path a node
> > with not TLS support, the call will fail. In this case, if a hop does
> > not understand SIP identity and changes the message, the call will be
> > denied.
> >
> > Regards,
> > Bogdan
> >
> > Victor Pascual Ávila wrote:
> >> On Tue, Feb 10, 2009 at 10:11 PM, Adrian Georgescu <ag at ag-
> projects.com> wrote:
> >>
> >>> Beyond being plain interesting, it is the most cost-efective way to
> >>> implement secure identity between SIP Proxies serving different
> domains.
> >>>
> >> Unless you had a node along the path breaking the signature
> >>
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
More information about the Users
mailing list