Configuring Advanced Operational Features

Advanced Operational Features

Transport Layer Security (TLS)

The IP phones support a transport protocol called Transport Layer Security (TLS), as well as Persistent TLS. TLS is a protocol that ensures communication privacy between the SIP phones and the Internet, so that no third party can eavesdrop on or tamper with any message.

TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol provides connection security using an encryption method such as the Data Encryption Standard (DES). The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged. TLS requires the following security certificate files to perform the TLS handshake:

Root and Intermediate Certificates

Local Certificate

Private Key

Trusted Certificate
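
A pre-provisioning check for the four certificate files listed above, written as an added example (it is not part of the original manual or the phone's firmware). It assumes the files are PEM-encoded; the role names and the sample_pem helper are hypothetical, and the sample blocks are constructed placeholders rather than real certificates or keys.

```python
import base64
import re
CERT = "CERTIFICATE"
KEYS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY", "ENCRYPTED PRIVATE KEY"}
# role -> (allowed PEM labels, min blocks, max blocks); roles follow the manual's list.
# Assumption: files are PEM-encoded; the role names are hypothetical identifiers.
ROLES = {
    "root_and_intermediate": ({CERT}, 1, None),
    "local_certificate": ({CERT}, 1, 1),
    "private_key": (KEYS, 1, 1),
    "trusted_certificate": ({CERT}, 1, None),
}
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def pem_blocks(text):
    """Return [(label, der_or_None)] per PEM block; ValueError on bad base64."""
    out = []
    for label, body in PEM_RE.findall(text):
        lines = [ln.strip() for ln in body.splitlines()]
        # Legacy encrypted keys carry "Proc-Type:"/"DEK-Info:" headers and a
        # ciphertext body, so their decoded bytes are not inspected further.
        encrypted = any(":" in ln for ln in lines)
        der = base64.b64decode("".join(ln for ln in lines if ":" not in ln), validate=True)
        out.append((label, None if encrypted else der))
    return out

def lint(role, text):
    """Return a list of problems for one file used in the given role."""
    allowed, lo, hi = ROLES[role]
    try:
        blocks = pem_blocks(text)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        return [f"{role}: PEM body is not valid base64 ({exc})"]
    problems = []
    for label, der in blocks:
        if label in KEYS and role != "private_key":
            problems.append(f"{role}: private key material found ({label})")
        elif label not in allowed:
            problems.append(f"{role}: unexpected PEM block {label}")
        elif der is not None and not der.startswith(b"\x30"):  # DER SEQUENCE tag
            problems.append(f"{role}: {label} body is not a DER SEQUENCE")
    good = sum(label in allowed for label, _ in blocks)
    if good < lo or (hi is not None and good > hi):
        problems.append(f"{role}: expected {lo}{'' if hi == lo else '+'} block(s), found {good}")
    return problems

def sample_pem(label, der=b"\x30\x03\x02\x01\x00"):
    """Constructed placeholder block (not a real certificate or key)."""
    body = base64.b64encode(der).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"
```

The check is structural only: it catches a private key bundled into a file that is distributed as a certificate, a wrong block count, or a damaged body, but it does not verify signatures or that the private key matches the local certificate.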

When the phones use TLS to authenticate with the server, each individual call must set up a new TLS connection, which adds time to every call placed. For this reason, the IP phones also have a feature, called Persistent TLS, that allows you to set up the connection to the server once and reuse that one connection for all calls from the phone. The connection for Persistent TLS is established during the registration of the phone. If the phones are set to use Persistent TLS and a call is made from the phone, this call and all subsequent calls use the same authenticated connection. This significantly reduces the delay when placing a call.

41-001160-00, Release 2.1, Rev 04

Aastra Telecom 53I, 57I CT, 55I manual Transport Layer Security TLS