On 08/09/2018 04:46 AM, Alex Balashov wrote:
Yes, but until and unless your upstream supply chain is doing TLS and you can provide end-to-end security, it's a pointless waste of time.
There's also an argument to be made that I haven't seen brought up for protecting SIP registration credentials either by providing transport confidentiality for a conventional password/secret or by using TLS client certificates. If you're at all worried about an adversary observing your actual comms, I'd be doubly worried about somebody stealing registration credentials and abusing them.
-- Brandon Martin _______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
