Right, there is an error in de doc with SDES sorry, the only options are
first two. You could even encrypt at codec level and there are some other
ways to encrypt networking communication at lower levels, but these two are
the most reasonable solutions.
2012/11/28 Mino Haluz
> Ok so what I unde
Ok so what I understand from the document - there are in fact only these
possibilities, how to be sure there is not Mitm.
1) To use ZRTP for media encryption with SIP TLS (in case proxy is
compromised, attacker can not still decrypt ZRTP even though it goes
through the proxy)
2) To use IPSec for m
I forgot something, with Kamailio default configuration media goes always
directly between clients. Moreover, if you want to be sure that any
endpoint is who it says to be you should use client side autentication for
SIP protocol. TLS module documentation clears how to do it.
http://kamailio.org/d
Hi, If you are using SRTP your conversations will be encrypted, so nobody
could eavesdrop it. Only if your Kamailio was compromised they could be
eavesdropped.
I think you are confusing SRTP (media) with signaling (SIP). You should
implement SIP over TLS too, it makes no sense to use SRTP without
