[Security] TLS Certificates Verification
stpeter at stpeter.im
Mon Aug 18 16:27:45 CDT 2008
Jonathan Schleifer wrote:
> Am 18.08.2008 um 21:22 schrieb Dirk Meyer:
>> That is not an option for me. I want bots to talk to each other. They
>> can not use the phone.
> That's why for example ESessions doesn't only provide SAS, but also
> using public keys. It does not need to use public keys, but it can. This
> is indeed *VERY* nice as there's no need to generate a key then.
AFAICS, TLS enables us to use PGP keys (experimental, not yet supported
in all TLS libraries), CA-issued certs, and self-signed certs (leap of
faith). There's no SAS support in TLS yet but that might be developed
down the line because, as discussed on the TLS list recently, members of
the SIP community (and others) are interested in that feature.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080818/0f839526/attachment.bin
More information about the Security