Cheers Gabriel.. thanks for the information. I'll look at the Mediatrix ATA's as an alternative - has anyone had experience with those and TLS/SRTP?
On Fri, Dec 4, 2009 at 10:25 AM, Gabriel Kuri <gk...@ieee.org> wrote: > The ATAs I'm aware that claim support for TLS and SRTP w/ SDES are the > Grandstream and Mediatrix devices (although I've never tried either > one with FreeSWITCH). > > I've personally never had any good experience with the Grandstream > ATAs. The Mediatrix ATAs are OK devices, but I've never personally > tested them with SRTP w/SDES and FreeSWITCH, but supposedly they > support it (so says their marketing material and docs). > > I'd see if Cisco has any plans to add support for it to the ATAs. Next > time I see our Cisco SE, I'll try to poke him about it. > > Gabe > > On Thu, Dec 3, 2009 at 2:34 PM, Mark Campbell-Smith > <mcampbellsm...@gmail.com> wrote: >> Quote: Cisco/Linksys SPA series ATAs do not support SDES key exchange >> to appropriately support SRTP and FreeSWITCH >> >> I'll check with Cisco regarding their implementation then and try to >> find out when/if they will support standard SRTP encryption. >> >> >> So, back to my origianal question then. Are there any ATA's that >> support TLS AND SRTP with FreeSwitch? >> >> >> On Fri, Dec 4, 2009 at 9:17 AM, Gabriel Kuri <gk...@ieee.org> wrote: >>> AFAIK, the Cisco/Linksys SPA series ATAs do not support SDES key >>> exchange to appropriately support SRTP and FreeSWITCH. They do their >>> proprietary Sipura key exchange only, not sure if Cisco plans on >>> upgrading the firmware to ever support SDES on the ATAs. They added >>> support for SDES to their IP Phones about 1 year ago, but nothing has >>> happened with the ATAs as of yet. >>> >>> Gabe >>> >>> >>> On Thu, Dec 3, 2009 at 2:05 PM, Mark Campbell-Smith >>> <mcampbellsm...@gmail.com> wrote: >>>> Hi All, >>>> >>>> I managed to borrow a SPA3102 with the latest firmware and have got it >>>> to register using TLS, but I am still struggling with SRTP. Has >>>> anyone managed to get SRTP working with the Linksys devices and if so, >>>> can they direct me on how to do this. >>>> >>>> I have generated a mini-certificates and SRTP Private Key using the >>>> gen-mc tool found at >>>> http://www.megajournal.ru/journal/users_data/11049/msg_files/24120/gen-mc.c-v0.98.tar.gz.mp3. >>>> However, when ever I initiate a call from the SPA, I can see that the >>>> call is not encrypted. >>>> >>>> Help appreciated. >>>> >>>> Thanks! >>>> >>>> >>>> On Sat, Nov 28, 2009 at 6:31 AM, eman <e...@chabotel.com> wrote: >>>>> Check out the Linksys SPA2102 >>>>> >>>>> On Wed, Nov 25, 2009 at 3:34 AM, Mark Campbell-Smith >>>>> <mcampbellsm...@gmail.com> wrote: >>>>>> >>>>>> The only ATA mentioned on the WIKI that supports TLS/SRTP is the >>>>>> Grandstream HandyTone 503. But, again according to the wiki, that >>>>>> doesn't seem to behave to well with TLS ... >>>>>> >>>>>> On Wed, Nov 25, 2009 at 7:14 PM, Jason White <ja...@jasonjgw.net> wrote: >>>>>> > Mark Campbell-Smith <mcampbellsm...@gmail.com> wrote: >>>>>> >> Does the SPA3102 support TLS or only SRTP? >>>>>> > >>>>>> > I don't know, but supporting only SRTP would be ridiculous, since the >>>>>> > keys >>>>>> > would then be transmitted in the clear and therefore amenable to >>>>>> > interception. >>>>>> > SRTP requires the SIP channel to be encrypted by TLS in order to be >>>>>> > secure. >>>>>> > ZRTP, on the other hand, doesn't have this limitation: it works >>>>>> > entirely >>>>>> > in >>>>>> > RTP. >>>>>> > >>>>>> > I would be rather surprised were a hardware manufacturer to implement >>>>>> > SRTP >>>>>> > without TLS for the SIP traffic. On the other hand, we've seen often in >>>>>> > this >>>>>> > forum that some manufacturers are really clueless... >>>>>> > >>>>>> > >>>>>> > _______________________________________________ >>>>>> > FreeSWITCH-users mailing list >>>>>> > FreeSWITCH-users@lists.freeswitch.org >>>>>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >>>>>> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >>>>>> > http://www.freeswitch.org >>>>>> > >>>>>> >>>>>> _______________________________________________ >>>>>> FreeSWITCH-users mailing list >>>>>> FreeSWITCH-users@lists.freeswitch.org >>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >>>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >>>>>> http://www.freeswitch.org >>>>> >>>>> >>>>> _______________________________________________ >>>>> FreeSWITCH-users mailing list >>>>> FreeSWITCH-users@lists.freeswitch.org >>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >>>>> http://www.freeswitch.org >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> FreeSWITCH-users mailing list >>>> FreeSWITCH-users@lists.freeswitch.org >>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >>>> http://www.freeswitch.org >>>> >>> >>> _______________________________________________ >>> FreeSWITCH-users mailing list >>> FreeSWITCH-users@lists.freeswitch.org >>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >>> http://www.freeswitch.org >>> >> >> _______________________________________________ >> FreeSWITCH-users mailing list >> FreeSWITCH-users@lists.freeswitch.org >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >> http://www.freeswitch.org >> > > _______________________________________________ > FreeSWITCH-users mailing list > FreeSWITCH-users@lists.freeswitch.org > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users > http://www.freeswitch.org > _______________________________________________ FreeSWITCH-users mailing list FreeSWITCH-users@lists.freeswitch.org http://lists.freeswitch.org/mailman/listinfo/freeswitch-users UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users http://www.freeswitch.org