[VOIPSEC] Client authentication
Mark Baugher
mbaugher at cisco.com
Wed Apr 12 08:03:59 CDT 2006
If you don't use client certs then how can you tell who is on the other
side of the connection? I admit that sips does not offer great
security. But why use it at all if you are not going to control access
when making a connection. Wouldn't you require something like a site
cert?
Mark
On Apr 12, 2006, at 5:29 AM, Christoph Fürstaller wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I'm testing SIPS for increased security during the call establishment.
>
> Is it a good idea to use client certs (for TLS connection)? Or is the
> effort to realice that to much? Cause the benefits from authenticating
> a
> client only for the TLS connection isn't that much. Authenticating the
> client against a DB is done later on in the PBX, so authentication
> would
> be done twice.
>
> What do you think about that?
>
> chris...
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFEPPKtR0exH8dhr/YRAoFcAKDGbRw7qVz/XNF7IMipfd//6KtuIQCgg9oQ
> sOPz+PX13wg7eRFrjXNfKQI=
> =6+DK
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
More information about the Voipsec
mailing list