Follow

Encryption Policy

November 2016

Q: Does OnSIP support encrypted communication?

A: Yes.

However, OnSIP only completely supports encrypted communication using SIP over WebSocket Secure (RFC 7118) in conjunction with DTLS-SRTP. This is the standard way WebRTC based user agents can communicate via OnSIP. In this case, OnSIP will furthermore gateway sessions encrypted in this fashion with user agents which are doing unencrypted communication over RTP which allows for complete interoperation with any SIP destination including all OnSIP applications and the PSTN.

Q: Does OnSIP support encrypted communication using SRTP?

A: Yes.

However, OnSIP will only pass-thru SRTP between user agents so both ends need to support SRTP. Furthermore, OnSIP hosted applications do not support SRTP. Thus SRTP cannot be used for with the communication with OnSIP applications or the PSTN.

Technical Details

The table below outlines how OnSIP handles SDP offers in different scenarios. In some cases OnSIP will pass-thru what the UAC (User Agent Client - the caller) offers. In other cases OnSIP will transform what it offered to meet the known or expected needs of the UAS (User Agent Server - the callee). Similarly, OnSIP will handle will treat offers from the UAS (which occurs when the UAC does not provide an SDP offer) to a UAC differently depending on the signalling transport used by the UAC.

 

UAC Offers

UAS OnSIP Registered WS/WSS

UAS OnSIP Registered UDP/TCP/TLS

UAS Off Network

UAS OnSIP Application

RTP

DTLS-SRTP

RTP

RTP

RTP

SRTP

DTLS-SRTP

SRTP

SRTP

Unsupported

DTLS-SRTP

DTLS-SRTP

RTP

RTP

RTP

Other

Unsupported

Unsupported

Unsupported

Unsupported

         

UAS Offers

UAC Signalling WS/WSS

UAC SIgnalling UDP/TCP

   

RTP

DTLS-SRTP

RTP

   

SRTP

DTLS-SRTP

SRTP

   

DTLS-SRTP

DTLS-SRTP

RTP

   

Other

Unsupported

Unsupported

   
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk