Aastra Telecom 57I IP Phone User Manual


 
Advanced Operational Features
41-001160-00, Release 2.1, Rev 04 6-21
Configuring Advanced Operational Features
Advanced Operational Features
Transport Layer Security (TLS)
The IP Phones support a transport protocol called Transport Layer Security
(TLS) and Persistent TLS. TLS is a protocol that ensures communication
privacy between the SIP phones and the Internet. TLS ensures that no third party
may eavesdrop or tamper with any message.
TLS is composed of two layers: the TLS Record Protocol and the TLS handshake
protocol. The TLS Record Protocol provides connection security with some
encryption method such as the Data Encryption Standard (DES). The TLS
Handshake Protocol allows the server and client to authenticate each other and to
negotiate an encryption algorithm and cryptographic keys before data is
exchanged. TLS requires the use of specific security certificate files to perform
TLS handshake:
Root and Intermediate Certificates
Local Certificate
•Private Key
Trusted Certificate
When the phones use TLS to authenticate with the server, each individual call
must setup a new TLS connection. This can take more time when placing each
call. Thus, the IP phones also have a feature that allows you to setup the
connection to the server once and re-use that one connection for all calls from the
phone. It is called Persistent TLS. The setup connection for Persistent TLS is
established during the registration of the phone. If the phones are set to use
Persistent TLS, and a call is made from the phone, this call and all subsequent
calls use the same authenticated connection. This significantly reduces the delay
time when placing a call.