Cisco Bug: CSCum80287 - Make AES-256 usage in SRTP provisionable
Dec 25, 2019
- Cisco Jabber Video for TelePresence (Movi)
Known Affected Releases
Symptom: 4.7 added support for AES-256 in SRTP (in addition to the existing AES-128). However, it turns out that some endpoints and infrastructure devices doesn't deal very well with that addition. The correct thing to do if you don't want to use it would be to ignore that crypto option and select one of the others. However, some endpoints gets so confused by it that their crypto replies are simply bogus. And some infrastructure devices will simply reject the entire SDP if they see the AES-256 line. So while we wait for support to pick up, we should make the use of AES-256 in SRTP configurable. It should be possible to provision support for this on or off, with the default begin on. Conditions: Device with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases