RE: Vonage complains about VoIP-blocking

Wouldn't there be a fee to utilize https?


Most CPE provider will give you a cert at no cost.


Thus spake "Hannigan, Martin" <>

> Unfortunately, TFTP is the only protocol that many phone vendors
> implement -- and VoIP operators aren't happy about it. Some
> vendors have
> started implementing HTTP(S), but it's far from common at this point.

Wouldn't there be a fee to utilize https?

One needs an SSL certificate, but the operator may already have one. If
not, or they don't want to reuse an existing server, they can either get one
for a fee or maybe use a self-signed certificate.


Stephen Sprunk "Stupid people surround themselves with smart
CCIE #3723 people. Smart people surround themselves with
K5SSS smart people who disagree with them." --Aaron Sorkin

Only if you like giving $995 to Verisign for fancy SSL certificates.

Most https phones can use locally issued X.509 certificates for the
download. Some use a manufacturer issued root certificates if you
want to get fancy and use code signing, etc.

Not the same problem as Microsoft Internet Explorer trusting every
root certificate in its cache. IP phones usually have a very short
certificate trust list in the phone.