EasyManua.ls Logo

AudioCodes E-SBC

AudioCodes E-SBC
1414 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
CHAPTER19 Coders and Profiles
Mediant 1000 Gateway & E-SBC | User's Manual
Parameter Description
Note:
The parameter is applicable only to the Gateway
application.
The parameter is applicable only when the
EnableMediaSecurity parameter is set to 1.
The corresponding global parameter is
MediaSecurityBehaviour.
'Symmetric MKI'
enable-symmetric-mki
[IpProfile_
EnableSymmetricMKI]
Enables symmetric MKI negotiation.
[0] Disable = (Default) The device includes the MKI in
its SIP 200 OK response according to the
SRTPTxPacketMKISize parameter (if set to 0, it is not
included; if set to any other value, it is included with this
value).
[1] Enable = The answer crypto line contains (or
excludes) an MKI value according to the selected
crypto line in the offer. For example, assume that the
device receives an INVITE containing the following two
crypto lines in SDP:
a=crypto:2 AES_CM_128_HMAC_SHA1_80
inline:TAaxNnQt8/qLQMnDuG4vxYfWl6K7eBK/ufk
04pR4|2^31|1:1
a=crypto:3 AES_CM_128_HMAC_SHA1_80
inline:bnuYZnMxSfUiGitviWJZmzr7OF3AiRO0l5V
nh0kH|2^31
The first crypto line includes the MKI parameter "1:1".
In the 200 OK response, the device selects one of the
crypto lines (i.e., '2' or '3'). Typically, it selects the first
line that supports the crypto suite. However, for SRTP-
to-SRTP in SBC sessions, it can be determined by the
remote side on the outgoing leg. If the device selects
crypto line '2', it includes the MKI parameter in its
answer SDP, for example:
a=crypto:2 AES_CM_128_HMAC_SHA1_80
inline:R1VyA1xV/qwBjkEklu4kSJyl3wCtYeZLq1/
QFuxw|2^31|1:1
If the device selects a crypto line that does not contain
the MKI parameter, then the MKI parameter is not
included in the crypto line in the SDP answer (even if
the SRTPTxPacketMKISize parameter is set to any
value other than 0).
Note: The corresponding global parameter is
EnableSymmetricMKI.
'MKI Size'
mki-size
[IpProfile_MKISize]
Defines the size (in bytes) of the Master Key Identifier
(MKI) in SRTP Tx packets.
The valid value is 0 to 4. The default is 0 (i.e., new keys are
generated without MKI).
Note:
- 398 -

Table of Contents

Related product manuals