Re: [Sip] TLS post connection verification
"Cullen Jennings" <fluffy@cisco.com> writes:
> If element A wants to send a SIP message over TLS to a next hop called
> foo.com, A needs to check that the SubjectAltName in the certificate
> provided over the TLS connection to A matches foo.com. OpenSSL cannot do
> this for you automatically, A needs to call the SSL_get_peer_certificate
> after A has connected. foo.com may request, and look at, the certificate of
> A or may not depending on if mutual TLS is being done or not.
Exactly.
> There is very little point in using TLS if you don't check that the server
> you connected to is the server you meant to connect to. If all you know is
> the IP address of the server and the server presents a certificate with a
> FQDN, you are pretty much out of luck.
Just to be clear, it depends on your threat model. If you believe
that only passive attacks will be mounted, then TLS is worth something
even without checking the certificates. However, active attacks
are getting easier to mount...
-Ekr
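The check Cullen describes, as an added example that is not part of the thread: C code for the name-matching step OpenSSL leaves to the caller, run over a constructed list of dNSName entries standing in for the certificate SSL_get_peer_certificate() would return after SSL_connect(). The function names are mine; only the OpenSSL calls named in the comments are real.

```c
/* Added example, not from the thread: the part of the post-connection check
 * that OpenSSL does not do for the caller. After SSL_connect(), real code
 * would call SSL_get_peer_certificate() and pull the dNSName SubjectAltName
 * entries with X509_get_ext_d2i(cert, NID_subject_alt_name, ...); here those
 * entries are a constructed array of strings so the matching logic runs alone. */
#include <ctype.h>
#include <stdbool.h>
#include <string.h>

/* Case-insensitive equality of two DNS names. */
static bool names_equal(const char *a, const char *b) {
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return false;
    return *a == '\0' && *b == '\0';
}

/* One dNSName entry vs. the name we dialed: exact match, or a wildcard that is
 * the whole leftmost label ("*.foo.com" matches "sip.foo.com", not "foo.com"). */
static bool san_matches(const char *san, const char *host) {
    if (strncmp(san, "*.", 2) != 0)
        return names_equal(san, host);
    const char *dot = strchr(host, '.');
    if (dot == NULL || dot == host)
        return false;              /* host needs a non-empty leftmost label */
    return names_equal(san + 2, dot + 1);
}

/* An IP literal can never match a dNSName entry: the "out of luck" case above. */
static bool is_ipv4_literal(const char *s) {
    for (; *s; s++)
        if (!isdigit((unsigned char)*s) && *s != '.')
            return false;
    return true;
}

/* True iff some SAN entry matches the next hop the SIP element meant to reach.
 * Entries here are NUL-terminated; with a real X509 the length must come from
 * ASN1_STRING_length(), since an entry may legitimately contain NUL bytes. */
bool peer_identity_ok(const char *const *sans, size_t n, const char *host) {
    if (is_ipv4_literal(host))
        return false;
    for (size_t i = 0; i < n; i++)
        if (san_matches(sans[i], host))
            return true;
    return false;
}
```

A mismatch must abort the connection before any SIP message is sent; the TLS handshake succeeding says nothing about who foo.com actually is.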
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip