[SR-Users] Credential server
Marek Moravčík
marek.moravcik at fri.uniza.sk
Thu Feb 25 11:09:39 CET 2016
Hi,
there is a brief description of RFC 6072: in the SIP domain, there is a
credential server. User agent
(e.g. IP Phone, SIP softphone) uploads his public key on the server. If
somebody would like to contact
the user, he can get user's public key from the credential server and
send to the user encrypted message.
Another function of credential server is storing private key of user. It
is good in reason, that user
registers on new endpoint. The endpoint can download private and public
key from server, and there
would not be problem in for example forking encrypted call to several
endpoints.
Marek
Dňa 25. 2. 2016 o 8:42 Daniel-Constantin Mierla napísal(a):
> Hello,
>
> On 24/02/16 11:13, Marek Moravčík wrote:
>> Hi guys,
>>
>> I am currently doing research in SIP security. As described in RFC 6072,
>> there can be credential server storing public and private keys
>> (certificates).
>> I have question, if there is any support from Kamailio for this, or if
>> somebody
>> has tried similar things with Kamailio. Thanks!
>>
> I haven't had the time to look at the RFC, can you describe shortly what
> exactly is supposed to happen in this case?
>
> Kamailio supports loading the tls certificates from local file system at
> this moment and caches them in memory for speed. Reloading them at
> runtime can be done with a rpc command, without restarting kamailio.
>
> Cheers,
> Daniel
>
More information about the sr-users
mailing list