[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Mon Aug 18 16:27:45 CDT 2008


Jonathan Schleifer wrote:
> Am 18.08.2008 um 21:22 schrieb Dirk Meyer:
> 
>> That is not an option for me. I want bots to talk to each other. They
>> can not use the phone.
> 
> That's why for example ESessions doesn't only provide SAS, but also 
> using public keys. It does not need to use public keys, but it can. This 
> is indeed *VERY* nice as there's no need to generate a key then.

AFAICS, TLS enables us to use PGP keys (experimental, not yet supported 
in all TLS libraries), CA-issued certs, and self-signed certs (leap of 
faith). There's no SAS support in TLS yet but that might be developed 
down the line because, as discussed on the TLS list recently, members of 
the SIP community (and others) are interested in that feature.

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080818/0f839526/attachment.bin 


More information about the Security mailing list