[VOIPSEC] S/MIME and SIP
Henrik Ingo
henrik.ingo at sesca.com
Tue Dec 13 01:23:01 CST 2005
dennis wrote:
> Dear all,
>
> According to page 208 of RFC3261,
> "Some header fields must always have a plaintext
> version because they
> are required header fields in requests and responses -
> these include:
> To, From, Call-ID, CSeq, Contact."
>
> The "inner" header is encrypted text, and "outer"
> header is clear text.I thought that SIP proxy will
> decrypt the "inner" header and use those "inner"
> header information. And "outer" header does not have
> any effect.
> Does anyone what the "outer" header exist for?
Typically S/MIME is used between the two endpoints, and actually one
reason to use it is to protect your message *from* the sip proxy.
Therefore the sip proxy has no access to the inner headers at all. So
the answer is, the outer headers are there for the sip proxy/ies.
You could use S/MIME between the caller and his sip proxy, but that is
not done. If you want encryption between an endpoint and a proxy you are
usually better of using TLS.
henrik
--
Henrik.Ingo at sesca.com
+358-40-5697354
More information about the Voipsec
mailing list