drachtio / drachtio-server

A SIP call processing server that can be controlled via nodejs applications
https://drachtio.org
MIT License

Add support for best-effort TLS encryption #327

Closed davehorton closed 6 months ago

davehorton commented 6 months ago

Per RFC 5630 the "sip" scheme can be used with TLS for "best-effort" encryption; i.e. encryption that is guaranteed over a single link and not end to end:

   If one wants to use "best-effort TLS" for SIP, one just needs to use
   a SIP URI, and send the request over TLS.

   Using SIP over TLS is very simple.  A UA opens a TLS connection and
   uses SIP URIs instead of SIPS URIs for all the header fields in a SIP
   message (From, To, Request-URI, Contact header field, Route, etc.).
   When TLS is used, the Via header field indicates TLS.

However, drachtio (and drachtio-srf) always will apply the "sips" scheme when TLS is used.

We want to support the following scenarios:

  1. Inbound call over TLS where UA signals best-effort. If we receive a call over TLS transport where all SIP URIs are using "sip" scheme, then reply with a Contact header that also uses "sip" rather than "sips" scheme.
  2. Outbound call where drachtio-srf app wants to signal best-effort TLS. Enable the ability to send a call over TLS transport and have the SIP URIs use the "sip" rather than "sips" scheme. When not explicitly specified, the "sips" scheme should still be the default.

Changes may be required to both drachtio server and drachtio-srf for this feature.
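
An added illustration of scenario 1, not code from drachtio-server or drachtio-srf: it reads a raw SIP request, checks the top Via transport and the scheme of every URI in the Request-URI, From, To, Contact and Route, and picks the scheme for the reply's Contact. The function names (`parseRequest`, `uriSchemes`, `contactSchemeFor`) and the sample INVITEs are constructed for this example, and it assumes that any "sips" URI in a TLS request means the peer did not signal best-effort.

```javascript
// Added example (not drachtio code); all names and sample data are constructed.
const COMPACT = { f: 'from', t: 'to', m: 'contact', v: 'via' }; // RFC 3261 short forms
const URI_HEADERS = ['from', 'to', 'contact', 'route'];

// Split a raw SIP request into its Request-URI and [name, value] header pairs.
function parseRequest(raw) {
  const head = raw.split(/\r?\n\r?\n/)[0].replace(/\r?\n[ \t]+/g, ' '); // unfold
  const lines = head.split(/\r?\n/);
  const headers = lines.slice(1).map((line) => {
    const i = line.indexOf(':');
    const name = line.slice(0, i).trim().toLowerCase();
    return [COMPACT[name] || name, line.slice(i + 1).trim()];
  });
  return { requestUri: lines[0].split(/\s+/)[1], headers };
}

// Schemes of every URI in one header value; quoted display names are ignored
// so that a display name such as "sips: fan" cannot influence the result.
function uriSchemes(value) {
  const v = value.replace(/"(?:[^"\\]|\\.)*"/g, '');
  const bracketed = [...v.matchAll(/<\s*([a-z][a-z0-9+.-]*):/gi)];
  const found = bracketed.length
    ? bracketed
    : [...v.matchAll(/^\s*([a-z][a-z0-9+.-]*):/gi)];
  return found.map((m) => m[1].toLowerCase());
}

// Over TLS, any "sips" URI keeps "sips"; a TLS request whose URIs are all
// "sip" is treated as best-effort. Requests not over TLS get "sip".
function contactSchemeFor(raw) {
  const { requestUri, headers } = parseRequest(raw);
  const via = headers.find(([name]) => name === 'via'); // top Via = last hop
  const m = via && /^SIP\s*\/\s*2\.0\s*\/\s*(\w+)/i.exec(via[1]);
  const overTls = !!m && m[1].toUpperCase() === 'TLS';
  const schemes = uriSchemes(requestUri);
  for (const [name, value] of headers) {
    if (URI_HEADERS.includes(name)) schemes.push(...uriSchemes(value));
  }
  return overTls && schemes.includes('sips') ? 'sips' : 'sip';
}

// Constructed sample INVITE, parameterised by Via transport and URI scheme.
const invite = (transport, scheme) => [
  `INVITE ${scheme}:bob@example.com SIP/2.0`,
  `Via: SIP/2.0/${transport} client.example.org:5061;branch=z9hG4bK74bf9`,
  `From: "sips: fan" <${scheme}:alice@example.org>;tag=9fxced76sl`,
  `To: <${scheme}:bob@example.com>`,
  `Contact: <${scheme}:alice@client.example.org:5061>`,
  'CSeq: 1 INVITE', 'Content-Length: 0', '', '',
].join('\r\n');
```

The top Via only describes the hop the request arrived on, so a "sip" result here says nothing about whether earlier hops were encrypted.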