Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Repair Jira Macros
Page Properties
Target release6.8.0
Epic
Jira Legacy
serverDialogic System JIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId8f70d0a49d998c43-20dab14a-363f37e0-81e294cb-5b2706a93a6ae776ac9fe88f
keyBRKT-430
Feature Request
Jira Legacy
serverDialogic System JIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId8f70d0a49d998c43-20dab14a-363f37e0-81e294cb-5b2706a93a6ae776ac9fe88f
keyBRKT-236
Document status

Status
colourGreen
title

DRAFT

Final

Document owner

...

SIP TLS is the method that VoIP networks use to secure signaling. Providing SIP TLS protects the SDES key exchange over public networks.  The feature helps provide inter-working between secure SIP and secure WebRTC networks  

Assumptions

  • SIP TLS can be used with or without secure RTP

...

http://www.dialogic.com/webhelp/BorderNet2020/2.2.0/WebHelp/default.htm

 

 

 

Requirements

#TitleImportanceNotes
1SHALL support SIP with TLS (RFC5246) and use cases shall follow SIP TLS examples shown in RFC6216 (SIP Secure Call Flows)
2SHALL support SIP TLS with TLS v1.2, and older (SSLv3 and TLSv1)  
3SHALL support standard cipher suites, such as: TLS_RSA_WITH_AES_128_CBC_SHA and
TLS_RSA_WITH_RC4_128_MD5.
  
4

SHALL allow SIP TLS to establish RTP media with G.711 or to establish T.38

SIP TLS SHALL be independent of media.  It SHALL not be required to use SIP TLS to establish a secure media channel. 

  
 Config Tool Requirements  
5SHALL allow a field to enable or disable the use of SIP over TLS.  
6

SHALL allow a field to allow the end user to provide a configuration file for SIP over TLS. This configuration file will be used to config the required SIP over TLS parameters. Required parameters will be defined in a seperate TLS configuration document.

 

7

If SIP over TLS is enabled and the configuration file can not be found, an error will be generated in the ECC log.

When reading the SIP over TLS configuration file, the parsing of the parameters will be shown in the ECC log file.

 

  
    
10SIP TLS implementation SHALL be tested against a variety of endpoints and network equipment for accurate implementation. BN2020 gateway, Cisco Gateway
, SIP registrar (such as OpenSIPS)
. other Dialogic products.
 Licensing  
20

SIP over TLS supported on by a single license

keywork

keyword (Security). This keyword enables TLS functionality on a per system basis. To enabled security the system must have installed security licenses equal or greater than the number of fax channels installed. For example, if the customer has an 8 channel SR140 fax licenses and only 2 channels of security, the system will not support security features. If they are licensed for 8 or more security channels, security features will be available on the system.

Add on part will need to be defined to add security to an existing SR140 deployment.  This part will be added to the back office for normal order processing and will allow the end user to activate a security LAC via the current methods.

The SR140 base feature license will not include Security support. Added support MUST require a

seperate

separate add-on LAC for security.

 
Part #951-105-20    
 
 

951-105-21 SR140-EVAL-Feature-Security (eDelivery)

951-105-22 SR140-NFR-1YR-Feature-Security (eDelivery)

951-105-23 SR140-2-Feature-Security (eDelivery)

951-105-24 SR140-4-Feature-Security (eDelivery)

951-105-25 SR140-8-Feature-Security (eDelivery)

951-105-26 SR140-12-Feature-Security (eDelivery)

951-105-27 SR140-24-Feature-Security (eDelivery)

951-105-28 SR140-30-Feature-Security (eDelivery)

951-105-29 SR140-48-Feature-Security (eDelivery)

951-105-50 SR140-60-Feature-Security (eDelivery)

951-105-51 SR140-DEV-1YR-Feature-Security (eDelivery)

 BRKT-707
 Documentation Requirements TBD  
50COO Will need to be updated with changes to include OpenSSL into the product. Will be required for both Windows and Linux.  
 Radvision Stack  
60The Ravision SIP stack will be updated to a version that support SIP over TLS v1.2.   This update will be performed for the SIP portion of the stack only and will not impact the H.323 stack.  Both the Windows and the Linux stack will be updated.  
    

User interaction and design

...