Hello,
On 2/9/12 11:52 PM, Daniel Pocock wrote:
On 09/02/12 21:49, Daniel-Constantin Mierla wrote:
Hello,
On 2/9/12 5:21 PM, Daniel Pocock wrote:
On 09/02/12 01:41, Daniel Pocock wrote:
I've been contemplating Daniel's earlier question about using the CAcert
certificates with Lumicall
sip5060.net should already accept mutual authentication from other
Kamailio instances running with a CAcert certificate
However, the Lumicall dialer itself will only connect to servers that
are using a cert signed by a root CA trusted within Android. This
applies to both the SIP and STUN over TLS support.
CAcert.org now supported...
nice...
Installing Lumicall does not change the trusted CAs for all apps on the
phone. It only adds the CACert (class 1 root) for the SIP TLS transport
within the app. This means you can use a CAcert.org cert on a Kamailio
server, and Lumicall will trust it.
On a side note, I've noticed that CAcert.org is allowing subjectAltName
(DNSName) within the certs it issues: this is another good reason to use
the CAcert.org certs, other CAs are quite awkward (or expensive) for
subjectAltName, and it is really useful for running multiple/virtual
hosted domains on a single SIP server.
I would be interested in any feedback about this, either for the
Lumicall app, or the interconnect to/from sip5060.net over TLS
is it available for download out of the android market? I have an
android phone (I guess it is 2.2), but haven't connected it to the
market -- I guess I can just use my gmail account for that, still I
would take the direct download alternative first, if available (the
phone has a settings that allow installation of "untrusted source"
applications).
I've put it on the site for you to download:
http://www.lumicall.org/download
Android 2.2 is probably the minimum version supported
I can try it with my kamailio over tls, not sure when exactly I will
have the time for it in the next days.
If you don't want to register for the SIP5060 service, you can just put
dummy values in the registration form, it will then let you get to the
menu and add your own SIP details
I installed it from the download page, worked fine on android 2.2 -- had
no time to test it yet, but I noticed some "warning" messages during
installation. Not sure if it is specific for each android phone type or
for android in general, but I was alerted that I will allow the
application do to a lot of "nasty" things, like taking my gps position,
making calls that can cost me money, etc... Being open source and people
like myself a devel could check and be safe about if they have a doubt,
but I wonder if "usual" people will not become afraid of installing it.
Is it so only when installing from untrusted sources, or also when
getting it from the android market? Are all these accesses to various
resources and actions needed?
Cheers,
Daniel
--
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
