6 nov 2010 kl. 15.30 skrev Hans Witvliet: > Hi all, > > As stated in the subject, slightly off-topic, as it is not directly a > Asterisk issue, but more SIP in general > > Because security in general, and specifically identification becomes > more and more a subject for more concern, and Asterisk is capable of > doing sip/TLS, i was wondering what more could be done to improve > security. > > Specially softphones, might it be possible to employ etokens or > smartcards for holding the certificates needed by TLS? > > Done before?
In the SIP protocol there is support for TLS client certificates, much like in HTTP. Asterisk doesn't support it. You need to put a SIP proxy like Kamailio in front of Asterisk to get this kind of strong authentication. /O -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users