[VOIPSEC] Client authentication

Mark Baugher mbaugher at cisco.com
Wed Apr 12 06:03:59 PDT 2006

If you don't use client certs then how can you tell who is on the other 
side of the connection?  I admit that sips does not offer great 
security.  But why use it at all if you are not going to control access 
when making a connection.  Wouldn't you require something like a site 

On Apr 12, 2006, at 5:29 AM, Christoph Fürstaller wrote:

> Hash: SHA1
> Hi,
> I'm testing SIPS for increased security during the call establishment.
> Is it a good idea to use client certs (for TLS connection)? Or is the
> effort to realice that to much? Cause the benefits from authenticating 
> a
> client only for the TLS connection isn't that much. Authenticating the
> client against a DB is done later on in the PBX, so authentication 
> would
> be done twice.
> What do you think about that?
> chris...
> Version: GnuPG v1.4.1 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
> iD8DBQFEPPKtR0exH8dhr/YRAoFcAKDGbRw7qVz/XNF7IMipfd//6KtuIQCgg9oQ
> sOPz+PX13wg7eRFrjXNfKQI=
> =6+DK
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list