OSTN Compliance Specification
From Guardian Project Wiki
General Requirements
- MUST require verifiable encryption of all signaling data
- SHOULD utilize SSLv2/3 for the SIP signaling channel
- SHOULD utilize a Root Certificate Authority that has a trusted status
- MUST allow encryption of Real-time Transport Protocol (RTP) media stream
- MUST support proxying of media streams
- MUST support unmodified proxying of ZRTP encrypted
- MUST support voice calling
- MAY support video calling
- MUST run in as secured server en
- MUST provide either simple extensions or friendly name user identifiers
- MAY support use of existing device telephone numbers as identifiers
- MAY support use of existing handles/usernames as identifier and callerid
- MAY provide additional telephony services, so long as they are not privacy reducing
- MAY provide voicemail service, though it should be stored in an encrypted manner
- MAY provide SIP-based messaging through it should be done via the OTR protocol
