[OpenSIPS-Users] [NEW Module] SIP Identity

Jiri Kuthan jiri at iptel.org
Fri Feb 20 01:02:14 CET 2009 

The down side of it is however it is apparently unusable.
We have had support for Identity in SER for years and there are today
to my best knowledge zero production uses. Most of the complaints go to the
account of excessive integrity checks and requirement for certificate
authority.

-jiri

Bogdan-Andrei Iancu wrote:
> Hi Adrian,
> 
> This is the part i like about SIP identity:
>     - it is more efficient than TLS
>     - it is protocol independent. With TLS you have a lot of burn with 
> protocol switching if you want to get some security between 2 nodes.
> 
> Regards,
> Bogdan
> 
> Adrian Georgescu wrote:
>> Beyond being plain interesting, it is the most cost-efective way to 
>> implement secure identity between SIP Proxies serving different domains.
>>
>> Adrian
>>
>> On Feb 10, 2009, at 8:57 PM, Iñaki Baz Castillo wrote:
>>
>>> El Martes, 10 de Febrero de 2009, Bogdan-Andrei Iancu escribió:
>>>> Hello,
>>>>
>>>>
>>>> OpenSIPS 1.5.0 has a new module. The "identity" module is an
>>>> implementation of SIP identity as per RFC 4474
>>>> (http://www.ietf.org/rfc/rfc4474.txt).
>>>>
>>>> Abstract (from RFC) :
>>>>
>>>>   The existing security mechanisms in the Session Initiation Protocol
>>>>   (SIP) are inadequate for cryptographically assuring the identity of
>>>>   the end users that originate SIP requests, especially in an
>>>>   interdomain context.  This document defines a mechanism for securely
>>>>   identifying originators of SIP messages.  It does so by defining two
>>>>   new SIP header fields, Identity, for conveying a signature used for
>>>>   validating the identity, and Identity-Info, for conveying a reference
>>>>   to the certificate of the signer
>>> Really interesting :)
>>>
>>>
>>> -- 
>>> Iñaki Baz Castillo
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org <mailto:Users at lists.opensips.org>
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>   
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>

More information about the Users mailing list