[OpenSIPS-Users] OpenSIPS @ SIPNOC 2019

volga629 at networklab.ca volga629 at networklab.ca
Tue Nov 26 08:24:45 EST 2019


Good Luck, very important mission.
You might willing bring to the table some improvement for the effort to 
provide better availability for CA list and  peer verification process.
If  SIPNOC willing to organize web service where all involved parties 
will be able to  register and go through  verify process  as trusted  
telco or voip provider.
And then expose API  from telcos or voip providers end points only ( 
must have fixed end point ip) to get verification information for CA 
list or peer information.
That will have minimal impact on on application layer and will provide 
true trusted source of verification process.

1.3.3. ca_list (string)

   Path to a file containing trusted CA certificates for the
   verifier. The certificates must be in PEM format, one after
   another.

   Example 1.3. Set ca_list parameter
...
modparam("stir_shaken", "ca_list", "/stir_certs/ca_list.pem")
...


volga629



On Tue, Nov 26, 2019 at 14:31, Bogdan-Andrei Iancu 
<bogdan at opensips.org> wrote:
> Hi All
> 
>  On 5th of December, I will talk at 
> <https://www.linkedin.com/feed/hashtag/?highlightedUpdateUrns=urn%3Ali%3Aactivity%3A6605066211233460224&keywords=%23sipnoc2019&originTrackingId=7AFxItq%2BFji6frtUIfI3qg%3D%3D>SIPNOC 
> 2019 [1] about the new STIR/SHAKENimplementation [2] in OpenSIPS 3.1, 
> about the usage models and the associated risks.
> 
> 
> [1] <https://www.sipforum.org/news-events/sipnoc-2019-overview/>
>  [2] 
> <https://github.com/OpenSIPS/opensips/tree/master/modules/stir_shaken>
> 
> 
>  10:45am – 11:15am: The Usage Models and Risks of STIR/SHAKEN, Seen 
> from the Pragmatism of an Implementation.
> 
> Abstracts:
>  There are many things still to be defined and settled in STIR/SHAKEN 
> from the regulatory perspective. Nevertheless, this presentation 
> wants to bring this topic under scrutiny from the point of view of an 
> implementation in the OpenSIPS SIP Server. So, what are the possible 
> STIR/SHAKEN usage scenarios from the perspective of how the SIP 
> traffic is handled and, more important, how the certificates are 
> managed. While a SIP server may cover the full horizontal of 
> authorization, inspection and verification processes, it is more 
> relevant to see what are the possible models when comes to 
> certificate managing. And definitely there is a need for coexistence 
> between a certificate-agnostic model and a certificate self-managing 
> model, in order to answer to future standardization and usage 
> challenges. ITSP, Telcos and Carries are to deploy and use 
> STIR/SHAKEN  implementations in the real word, so are they fully 
> aware of the security and performance risks introduced by such a 
> service? Well, the exercise of producing such a STIR/SHAKEN 
> implementation is a good way to answer these questions and get 
> yourselves ready.
> 
> 
>  See you in Washington!
> --
> Bogdan-Andrei Iancu
> 
> OpenSIPS Founder and Developer
>   https://www.opensips-solutions.com 
> <https://www.opensips-solutions.com/>
> OpenSIPS Bootcamp Pre-Registration
>   <https://opensips.org/training/OpenSIPS_Bootcamp/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20191126/936620ec/attachment.html>


More information about the Users mailing list