26.2.4 S/MIME As is discussed above, encrypting entire SIP messages end-to-end for the purpose of confidentiality is not appropriate because network intermediaries (like proxy servers) need to view certain header fields in order to route messages correctly, and if these intermediaries are excluded from security associations, then SIP messages will essentially be non-routable. 如上所述,出于保密目的对整个SIP消息进行端到端加密是不合适的,因为网络中介机构(如代理服务器)需要查看某些报头字段才能正确路由消息,并且如果这些中介机构被排除在安全关联之外,则SIP消息基本上将是不可路由的。 However, S/MIME allows SIP UAs to encrypt MIME bodies within SIP, securing these bodies end-to-end without affecting message headers. S/MIME can provide end-to-end confidentiality and integrity for message bodies, as well as mutual authentication. It is also possible to use S/MIME to provide a form of integrity and confidentiality for SIP header fields through SIP message tunneling.
但是,S/MIME允许SIP UA对SIP中的MIME主体进行加密,从而端到端地保护这些主体而不影响消息头。S/MIME可以为消息体提供端到端的机密性和完整性,以及相互身份验证。还可以使用S/MIME通过SIP消息隧道为SIP报头字段提供一种完整性和机密性形式。
The usage of S/MIME in SIP is detailed in Section 23.
第23节详细介绍了S/MIME在SIP中的使用。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
