TLS

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

TLS

Thomas Morzadec
Hello,

My linphone works but sometimes the audio quality is poor. I have read here https://wiki.linphone.org/xwiki/wiki/public/view/Linphone/Good%20practices%20for%20using%20SIP/

that it is preferable to use TLS. Is it going to improve the quality?

Moreover, I didn't know anything about TLS, but it is explained here

However, it is written I should get a certificate CSR.
But who is going to give it?

Could you please indicate where I could know more about TLS/CSR for linphone, because I don't like to copy/paste without understanding. It seems to risky...

Thank you in advance for your help,

Thomas

_______________________________________________
Linphone-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-users
Reply | Threaded
Open this post in threaded view
|

Re: TLS

Greg Troxel
Thomas Morzadec <[hidden email]> writes:

> My linphone works but sometimes the audio quality is poor. I have read here
> https://wiki.linphone.org/xwiki/wiki/public/view/Linphone/Good%20practices%20for%20using%20SIP/
>
> that it is preferable to use TLS. Is it going to improve the quality?

No.  TLS is a way to protect the signalling channel, to provide
encryption of contents (especially passwords) and to ensure the client
that it is connecting to the right server.

So all signaling should be over TLS, but you the client can only do that
if your server supports it.

> Moreover, I didn't know anything about TLS, but it is explained here
> https://wiki.linphone.org/xwiki/wiki/public/view/Linphone/TLS%20client%20authentication/
>
> However, it is written I should get a certificate CSR.
> But who is going to give it?

That is only if your SIP registrar/proxy requires you to autenticate
with a certificate.  Other than perhaps in large companies, this is
unusual, and if this is true your IT department will be telling you what
you have to do.

> Could you please indicate where I could know more about TLS/CSR for
> linphone, because I don't like to copy/paste without understanding. It
> seems to risky...

It's not really about linphone.

Take this with a slight grain of salt:

  https://en.wikipedia.org/wiki/Session_Initiation_Protocol


Note that this is all about signaling; encryption of media (call
contents) is done via SRTP or ZRTP.

_______________________________________________
Linphone-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-users
Reply | Threaded
Open this post in threaded view
|

Re: TLS

Greg Troxel
Greg Troxel <[hidden email]> writes:

> So all signaling should be over TLS, but you the client can only do that
> if your server supports it.

I should point out that sip.linphone.org does support TLS.

If you are using some other SIP provider, they should document which of
UDP, TCP and TLS signaling methods they support, and that question
should be addressed to them rather than here.

Alternatively, you can just configure TLS, and if they don't support it,
find another provider.

_______________________________________________
Linphone-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-users