| SIP-URI User: | Settings → Accounts → User name |
| SIP-URI Host: | … Domain |
| SIP-over-TLS: | … (Additional) Network → Transports: TLS … (Additional) Network → Protocol suite: SSL v2/3 is ‘automatic’ which enables TLS 1.2 |
| SDES-sRTP: | … (Additional) Encryption → ZRTP: Disabled otherwise, incoming SDES-sRTP is rejected with SIP status Unsupported Media (415) … (Additional) Encryption → SDES: Disabled which is RTP/SAVP |
| SHA-2 Digest: | does not pick MD5, continues without header Authorization, therefore is not able to register; therefore incompatible with Linphone |
| AES-256 sRTP: | In an incoming call, if the first crypto suite is unknown, the whole SDP is rejected with SIP status 415, even if supported crypto suites were offered. In other words: The first crypto suite offered must be known to Zoiper; otherwise, the call is not accepted. |
| Bugs: | Cipher Suites include RC4 (even MD5) Mitigation: Settings → Accounts → (Additional) Network → Use only strong ciphers |
| Privacy: | app phones to Google Analytics |