[VOIPSEC] Voipsec Digest, Vol 8, Issue 26
Randell Jesup
rjesup at wgate.com
Thu Sep 8 17:12:04 CDT 2005
Alex Deacon <alex.deacon at gmail.com> writes:
>If by "general marketplace" you mean people like my mom and grandmother,
>then an argument could be made that no encryption is better than a
>delay. However if you mean enterprise usage, then encryption, and a
>provably strong keying mechanism as Robert mentioned, are very
>important...if not mandatory.
I was referring to your mom and grandmother. However...
Be careful - "enterprise" is a slippery word. Does that include
inter-company calls, or only intra-company? What about calls to other
companies who the user has no previous contact? What about when they call
someone at home, or on a cell? What if those calls happen to be all-IP,
not PSTN/POTS, do they need to be secure? If a call to a office user is
forwarded (over IP) to a home phone, what do you do? And do you really
mean that an enterprise would consider a solution with a circa 0.5-1sec
delay on answer to be acceptable for general use? I don't.
Enterprises can use PKI's and avoid the delay - but not when
calling someone outside the enterprise, generally. Sometimes not even
calling other offices.
>On 08 Sep 2005 04:14:43 -0400, Randell Jesup < rjesup at wgate.com
><mailto:rjesup at wgate.com> > wrote:
>
>"Christopher A. Martin" < chris at InfraVAST.com
><mailto:chris at InfraVAST.com> > writes:
>>And as was pointed out earlier in the thread by another person, the delay
>>is acceptable. People are becoming accustomed to delays, otherwise cell
>>phones would not be as popular as they are today.
>
> This is in no way close to acceptable in the marketplace. The
>general marketplace will choose no encryption over that sort of delay.
>(And that would hurt the market and the users.)
--
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
More information about the Voipsec
mailing list