Uttam Kumar Sarkar wrote:
-----Original Message----- From: Paul Kyzivat [mailto:[EMAIL PROTECTED] Sent: Monday, December 20, 2004 11:56 AM To: Uttam Kumar Sarkar Cc: 'Cullen Jennings'; Todd Huang; [EMAIL PROTECTED] Subject: Re: [Sip-implementors] SIP TLS
Uttam Kumar Sarkar wrote:
Keeping connetion forever is probably not the best options according to my opinion. Consider a case where a UA register and never makes a call. That UA will occupy the resources. Remember proxy will have max of 65,536 port (aprox. initial 2000 ports are reserved for system). It can't have more than that many UA to register. I think keeping TLS connetion per call is a better option. You make a connetion when you need it. Once you are doen then release it.
Couple of problems (at least) with this:
- time to establish a TLS connection may not provide good user experience
- what about outbound calls *to* the device? This would require the server to establish the TLS connection to the device.
Yes.
NATs and Firewalls can make this impossible.
I don't understand why? You mean UA's network will prevent proxy to make a TLS connection?
Yes. Very common for firewalls.
Also, its quite likely that client UAs won't have TLS certificates. _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
