Howto:SIPS will work with V7: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
==Applies To==
==Applies To==


{{FIXME|reason=to be confirmed and be finished}}
This information applies to
This information applies to


Line 43: Line 41:
===SIPS===
===SIPS===


Sips menas SIP via TLS - we will implement SIP via TCP and TLS
Sips means SIP via TLS - we will implement SIP via TCP and TLS


===TLS===
===TLS===
Line 51: Line 49:
RSA with 3DES
RSA with 3DES


RSA with 128
RSA with AES-128


RSA with 256
RSA with AES-256


===Certificate===
all with SHA1 hashes.


Still in development - the definitively solution is not fixed now.
===Certificates===


The certificate gives the public key an identity
We support X.509 certificates with RSA keys and SHA1/MD5 signatures.


We will use the X.509 certificate
== Related Articles ==
 
[[Howto:Certificate management in V7]]
There will be a possibility that you can use your own certificate.
 
 
<!-- == Related Articles == -->


[[Category:Howto|{{PAGENAME}}]]
[[Category:Howto|{{PAGENAME}}]]

Latest revision as of 18:30, 1 April 2022

Applies To

This information applies to

  • all innovaphone devices with V7


More Information

This information is for future release and describes baisicly how we will implement secure sip.

This information is not confirmed now it is an basic overview how we will implement SIPS.

Secure SIP is a security mechanism defined by SIP RFC 3261 for sending SIP messages over a Transport Layer Security-encrypted channel.

Originally used for securing HTTP sessions, TLS can be repurposed to protect SIP session communications from eavesdropping or tampering.


Key exchange

In an SDP message we will send an attribute like this 

a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:fcUai9fK58dEKsmEQp4b5nylUROLpze0jLVyaE5i

This menas that SRTP will be used with AES-128 using a 32 Bit hash and the key fcUai9fK58dEKsmEQp4b5nylUROLpze0jLVyaE5i.

The whole SDP message will be sent encryped via TLS to protect the key.

SRTP

innovaphone will support

AES-128

AES-192

AES-256

all with 32 or 80 bit SHA1 hashed message authentication codes (HMAC).

SIPS

Sips means SIP via TLS - we will implement SIP via TCP and TLS

TLS

innovaphone will support

RSA with 3DES

RSA with AES-128

RSA with AES-256

all with SHA1 hashes.

Certificates

We support X.509 certificates with RSA keys and SHA1/MD5 signatures.

Related Articles

Howto:Certificate management in V7

Retrieved from "https://wiki.innovaphone.com/index.php?title=Howto:SIPS_will_work_with_V7&oldid=61586"