Voxalot / SIP Broker Support Forums - View Single Post

evilbunny · 06-26-2008, 05:32 PM

Just a quick update on this, I've made a start on an internet draft document which can be found Draft-groth-dns-encryption - Toronto Asterisk Users Group . As above I initially was only going to use RSA+AES encryption and skip public keys/certificates but the only way to get strong crypto then would be to get all name servers from . up to support it which is a little optimistic at best.

I briefly thought about X.509 and ended up settling on using GPG keys instead as this has the potential to offer more flexibility in this particular case.

I almost have a working proof of concept, few little bugs to squash yet, but should be worked out soon I hope, once done the internet draft and the code examples should match up.

06-26-2008, 05:32 PM	#6
evilbunny Senior Member Join Date: Feb 2006 Posts: 176 Thanks: 0 Thanked 14 Times in 10 Posts	Just a quick update on this, I've made a start on an internet draft document which can be found Draft-groth-dns-encryption - Toronto Asterisk Users Group . As above I initially was only going to use RSA+AES encryption and skip public keys/certificates but the only way to get strong crypto then would be to get all name servers from . up to support it which is a little optimistic at best. I briefly thought about X.509 and ended up settling on using GPG keys instead as this has the potential to offer more flexibility in this particular case. I almost have a working proof of concept, few little bugs to squash yet, but should be worked out soon I hope, once done the internet draft and the code examples should match up.