[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sip-implementors
Subject:    RE: [Sip-implementors] SIP TLS
From:       Lau Jason-A13484 <A13484 () motorola ! com>
Date:       2004-07-28 14:31:10
Message-ID: 8E4E38BF6D087F4488E80ABAACA2F3F48ED252 () il27exm02 ! cig ! mot ! com
[Download RAW message or body]

Hi Todd,
Try reading up on the TLS (RFC2246/books) to learn the protocol and the role X.509 \
certificates play in the TLS authentication/encryption. 

Think of TLS as a transport layer like TCP on which you send SIP msgs. (actually, TLS \
is a another layer above TCP). There's an opensource openssl APIs that you could use \
to setup TLS connections programmatically. (http://www.openssl.org). Once the SSL \
connection is established, you basically write to the ssl socket, just like you would \
write to a TCP socket.

Hope that helps ...
-- Jason

-----Original Message-----
From: sip-implementors-bounces@cs.columbia.edu \
                [mailto:sip-implementors-bounces@cs.columbia.edu] On Behalf Of Todd \
                Huang
Sent: Wednesday, July 28, 2004 7:16 AM
To: sip-implementors@cs.columbia.edu
Subject: [Sip-implementors] SIP TLS


Hi:

    I am now trying to implement the SIP TLS transportation. Since I am new 
to this field, I wish someone can give me any advice.

    As I know, SIP client should send its certificate to the Authentication 
Server to get the key for encrypting the SIP messages. Who will bw the 
Authentication Server? The SIP proxy server? Or a third party server is 
needed? To protect the certificate, the SIP client need a 'shared secret' 
between it and the server. How does the 'shared secret' be set? Manually 
configuration or through public key exchange?

    By the way, does anyone know any document describing the call flow or 
operation of the SIP transportation using TLS?

    Thanks.

_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail

_______________________________________________
Sip-implementors mailing list
Sip-implementors@cs.columbia.edu \
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic