On Sun, 4 Jan 2009, Juha Heinanen wrote:
> Aymeric Moizard writes: > > > If you have a 100% working trick, I'll be interested to learn it! Very > > interested! > > no, i don't have 100% working trick, but normal means cover 90+% of the > cases. trying to avoid needless use of rtp proxy for the remainder is > not worth of the extreme complexity that comes with ice. So the 10% calls are the one that use relay when they should not? right? I'm pretty convinced this is not a true value. Anyway, I don't think this is a problem of number here. Let's describe a case: I send an INVITE and encrypt the SDP. I'm behind a symmetric NAT. I'm calling somebody (a UA of course) who is able to decrypt it. Whatever trick you provide, I will not have always voice (except if ICE is supported or if the NAT are kind with me) Conclusion: I'm forced to provide UA and ask my customer to NOT encrypt their signalling. NEVER encrypt their signalling. > i don't understand what you try to say in above. sip works fine over > the internet today. SIP works today **if**: * no security * no SIP message integrity is used * sip server are well configured (...) * sip server is not compliant (modifying contact and SDP...) My conclusion is that it's not acceptable. I want my applications to do security and I don't want to be dependant on badly configured servers. I don't want "SIP works today **if**", I want "SIP works today." I just need a SIP compliant internet infrastructure. tks, Aymeric MOIZARD / ANTISIP amsip - http://www.antisip.com osip2 - http://www.osip.org eXosip2 - http://savannah.nongnu.org/projects/exosip/ > -- juha > _______________________________________________ Users mailing list [email protected] http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
