Aastra Telecom 9143i Series User Manual
Advanced Operational Features
6-26
41-001160-03, Rev 00, Releaes 2.4
IP Phone Administrator Guide
Transport Layer Security (TLS)
The IP Phones support a transport protocol called Transport Layer Security
(TLS) and Persistent TLS. TLS is a protocol that ensures communication
privacy between the SIP phones and the Internet. TLS ensures that no third party
may eavesdrop or tamper with any message.
(TLS) and Persistent TLS. TLS is a protocol that ensures communication
privacy between the SIP phones and the Internet. TLS ensures that no third party
may eavesdrop or tamper with any message.
TLS is composed of two layers: the TLS Record Protocol and the TLS handshake
protocol. The TLS Record Protocol provides connection security with some
encryption method such as the Data Encryption Standard (DES). The TLS
Handshake Protocol allows the server and client to authenticate each other and to
negotiate an encryption algorithm and cryptographic keys before data is
exchanged. TLS requires the use of the following security certificate files to
perform TLS handshake:
protocol. The TLS Record Protocol provides connection security with some
encryption method such as the Data Encryption Standard (DES). The TLS
Handshake Protocol allows the server and client to authenticate each other and to
negotiate an encryption algorithm and cryptographic keys before data is
exchanged. TLS requires the use of the following security certificate files to
perform TLS handshake:
•
Root and Intermediate Certificates
•
Local Certificate
•
Private Key
•
Trusted Certificate
When the phones use TLS to authenticate with the server, each individual call
must setup a new TLS connection. This can take more time when placing each
call. Thus, the IP phones also have a feature that allows you to setup the
connection to the server once and re-use that one connection for all calls from the
phone. It is called Persistent TLS. The setup connection for Persistent TLS is
established during the registration of the phone. If the phones are set to use
Persistent TLS, and a call is made from the phone, this call and all subsequent
calls use the same authenticated connection. This significantly reduces the delay
time when placing a call.
must setup a new TLS connection. This can take more time when placing each
call. Thus, the IP phones also have a feature that allows you to setup the
connection to the server once and re-use that one connection for all calls from the
phone. It is called Persistent TLS. The setup connection for Persistent TLS is
established during the registration of the phone. If the phones are set to use
Persistent TLS, and a call is made from the phone, this call and all subsequent
calls use the same authenticated connection. This significantly reduces the delay
time when placing a call.
Draft 1