[SIPForum-discussion] Regarding TLS using SIP

Fri Feb 5 11:35:32 UTC 2010

Hi Prasad,

Thanks for your reply but I doubt not about UDP/TCP but its about TLS?

On Fri, Feb 5, 2010 at 1:31 PM, Prasad G <prasad4mail at gmail.com> wrote:

> The difference is not only in opening the socket for TCP or UDP. The
> behavior of the protocol also changes as per the UDP or TCP.
>
> In case of TCP there will not be any retransmission of the request and no
> need for reliable provisional response like PRACK,since the reliability is
> given in the transport layer by the TCP.
>
> Regards,
> Prasad
>
>
> On Thu, Feb 4, 2010 at 9:47 PM, lakhan patel <lakhan.p at gmail.com> wrote:
>
>> Hi to All,
>>
>> As per my knowledge SIP works for TCP and UDP for both and only difference
>> is while opening the socket.
>> Is the TLS also work in similar fashion and only difference is while
>> opening socket or what?
>> Please if any one know it in detail, it is my humble request to him please
>> explain it in detail or provide any reference document
>>
>>
>>
>> On Wed, Feb 3, 2010 at 8:01 PM, <ashok.pitambar at wipro.com> wrote:
>>
>>> Hi Ranga ,
>>>
>>>        Nice to know this info , Can you please share doc or website
>>> link where we can find more info about TLS
>>> Support for SIP?
>>>
>>>
>>> Regards,
>>> Ashok
>>>
>>> -----Original Message-----
>>> From: discussion-bounces at sipforum.org
>>> [mailto:discussion-bounces at sipforum.org] On Behalf Of M. Ranganathan
>>> Sent: Thursday, January 28, 2010 11:40 PM
>>> To: baslingappa bhujang
>>> Cc: SIP Forum
>>> Subject: Re: [SIPForum-discussion] Regarding TLS using SIP
>>>
>>> On Thu, Jan 28, 2010 at 12:01 AM, baslingappa bhujang
>>> <basling99 at gmail.com> wrote:
>>> > Hi All,
>>> > Could some one tell me how TLS works with sip protocol.
>>>
>>> Its just like SIP over TCP except that the underlying protocol is TLS.
>>>
>>> TLS is a secure transport layer built on top of TCP. It requires a
>>> public/private key pair. The server encrypts traffic in the private key
>>> and distributes its public key to clients so that clients may decrypt it
>>> and verify that the server signed it. This guards against spoofing. The
>>> public key may either be installed manually or, if you have a public key
>>> that has been signed by a trusted Certifcate Authority, then the server
>>> may just hand out the public key that has been signed by the CA and
>>> expect that the client will contact the trusted CA for verification.
>>> (i.e. authentication). So to do authentication in the TLS framework, you
>>> need to have access to the public key that was exchanged so you may
>>> verify that it was indeed issued by the server. In general you can have
>>> a chain of CA's.
>>> All of this is basic SSL / TLS .
>>>
>>>
>>> The point is that SIP over TLS is completely oblivious to all of this.
>>> The SIP protocol itself never sees it. The only thing is that as it is
>>> running as an application layer protocol, TLS requires a new port (
>>> different from TCP ). Usually that port is 5061 but it does not have to
>>> be. Further, the stack needs to have mechanism to hand over the public
>>> key to the "application" for verification.
>>>
>>> There is also sips URL vs. sip over TLS. sips URLs are expected to have
>>> end to end encryption whereas sip over tls ( with transport=tls) have
>>> only hop by hop encryption requirements.
>>>
>>> Regards,
>>>
>>> Ranga
>>> >
>>> > --
>>> > Thanks,
>>> > Basling.
>>> > _______________________________________________
>>> > This is the SIP Forum discussion mailing list TO UNSUBSCRIBE, or edit
>>> > your delivery options, please visit
>>> > http://sipforum.org/mailman/listinfo/discussion
>>> > Post to the list at discussion at sipforum.org
>>> >
>>> >
>>>
>>>
>>>
>>> --
>>> M. Ranganathan
>>> _______________________________________________
>>> This is the SIP Forum discussion mailing list TO UNSUBSCRIBE, or edit
>>> your delivery options, please visit
>>> http://sipforum.org/mailman/listinfo/discussion
>>> Post to the list at discussion at sipforum.org
>>>
>>> _______________________________________________
>>> This is the SIP Forum discussion mailing list
>>> TO UNSUBSCRIBE, or edit your delivery options, please visit
>>> http://sipforum.org/mailman/listinfo/discussion
>>> Post to the list at discussion at sipforum.org
>>>
>>
>>
>>
>> --
>> Thanks & Regards
>> Shivlakhan Patel
>> Email: lakhan.p at gmail.com, lakhan.p at hotmail.com
>> IBM India Private Ltd. Bangalore
>> Contact: +91-9902791177
>>
>> _______________________________________________
>> This is the SIP Forum discussion mailing list
>> TO UNSUBSCRIBE, or edit your delivery options, please visit
>> http://sipforum.org/mailman/listinfo/discussion
>> Post to the list at discussion at sipforum.org
>>
>>
>

-- 
Thanks & Regards
Shivlakhan Patel
Email: lakhan.p at gmail.com, lakhan.p at hotmail.com
IBM India Private Ltd. Bangalore
Contact: +91-9902791177
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sipforum.org/pipermail/discussion/attachments/20100205/5ae4e578/attachment-0002.html>