Re: [Asterisk-Users] How to encript SIP comunications?

[Gregory Junker]

Linux 2.6 kernel includes IPSec directly, and ipsec-tools can be used to 
create a secure point-to-point link. OpenSWAN makes use of the kernel 
IPSec in 2.6, and makes it available in 2.2 and 2.4 kernels. IPSec can 
use shared keys or x509 certificates within or without a PKI for 
authentication. OpenVPN has been mentioned as another option, and it 
uses SSL/TLS for the encryption, and also supports PKI and PSK for auth. 
Both provide perfect-forward secrecy (PFS) which is important if your 
client wants past and future communications to remain impossible to 
decrypt, even with a compromised or subpoenaed private key.

Any of the above can be used to encrypt a point-to-point link such as 
the one you describe.

http://www.openswan.org
http://www.openvpn.org
Greg
Linux Dominicana wrote:
Hello everybody
 A given scenario:
A client does want to have his own VoIP PBX with Asterisk running, but
he ask me. How secure can be the communication among all subscribers?
If there're sniffers on the middle or any other listening device on a
given netowork.
The client is not fictitial, but it main requirement is encription of
all point to point comunications for given reasons.
Any guidance, products, solutions implementation available and if
works is much better.
Suggestions are welcome
Regards
John Fach
_______________________________________________
Asterisk-Users mailing list
[EMAIL PROTECTED]
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________
Asterisk-Users mailing list
[EMAIL PROTECTED]
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users