<div>Hi Johansson, All</div>
<div>Sincier regards and thanks for input.</div>
<div> </div>
<div>As I understand, all media packets pass through RTP Proxy. The RTP Proxy will receive simple UDP media packets from endpoints. Next RTP proxy today pass those RTP packets to destination party.</div>
<div> </div>
<div>My job is precisely to support TLS and DTLS path between RTP Proxy and destination party. In my setup the destination party is a media server.</div>
<div> </div>
<div>Do you really see a risk to have this setup. If so, please elaborate.</div>
<div> </div>
<div>I underdstand here the challenge setup TLS/DTLS connection with media server and send/recv media packets with server usuing either TLS or DTLS.</div>
<div> </div>
<div>Also you mentioned "There's also solutions for RTP over DTLS" , can you please share from where I can get the reference solution, it help me to great extent.</div>
<div> </div>
<div>Best Regards</div>
<div>Kamal<br><br></div>
<div class="gmail_quote">On Tue, Oct 16, 2012 at 12:08 AM, Olle E. Johansson <span dir="ltr"><<a href="mailto:oej@edvina.net" target="_blank">oej@edvina.net</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT:#ccc 1px solid;MARGIN:0px 0px 0px 0.8ex;PADDING-LEFT:1ex" class="gmail_quote"><br>15 okt 2012 kl. 13:24 skrev Peter Lemenkov <<a href="mailto:lemenkov@gmail.com">lemenkov@gmail.com</a>>:<br>
<div class="im"><br>> Hello.<br>><br>> 2012/10/15 Kamal Palei <<a href="mailto:palei.kamal@gmail.com">palei.kamal@gmail.com</a>>:<br>>> Hi All<br>>> I am planning to enhance RTP proxy to support TLS and DTLS.<br>
>> We have some requirements where we need to send RTP packets either over TLS<br>>> or over DTLS.<br>><br>> Shouldn't it be better to rely on SRTP/ZRTP instead rather than making<br>> your own incompatible realisation?<br>
<br></div>SRTP use DTLS for key exchange. There's also solutions for RTP over DTLS,<br>but the recommended way is DTLS+SRTP. This is what's standardized for WebRTC,<br>and the way forward for SIP media as well.<br>
<br>However, I don't see how RTPproxy can be the endpoint for DTLS key exchange, since<br>it breaks the end2end path. Clients should use TURN relays...<br><br>Curious on how you see this working!<br><span class="HOEnZb"><font color="#888888">/O<br>
</font></span>
<div class="HOEnZb">
<div class="h5">_______________________________________________<br>SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br><a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br></div></div></blockquote></div><br>