[VOIPSEC] SRTP

dan_york@Mitel.com dan_york at Mitel.com
Wed Feb 22 19:01:00 GMT 2006 

Richard,

> Interesting discussion (as always). 

Indeed.  That's one of the things I so much enjoy about this list.

> In investigations here I have been trying to gather from the vendor 
community 
> what the current adoption is of SRTP within handsets, ATAs, etc.  So far 
it 
> seems the majority of the big players in this space do not support SRTP 
and, 
> in fact, the processors within their phones are incapable of doing so 
because 
> they are often running close to their peak.  Many speak of 'planning to 
> support' but nothing in concrete.  Have others found anything different 
than this?

I can't speak for the other vendors, but we've been using SRTP in our hard 
phones
since late 2002/early 2003 when we first rolled out our Teleworker 
Solution.  In 
mid-2005 we came out with a new release (6.0) of our 3300 ICP (or main 
IP-PBX) 
that brought the SRTP support directly into our core, applied it across 
ALL of 
our sets and also made it the default behaviour.  Every Mitel IP-PBX since 
that
time has been going out with SRTP on by default for all sets.

Granted, this is our MiNet call control, but most of our set models can 
dual-boot and be brought up into SIP mode to work against SIP systems and 
there they support SRTP as well.   The challenge with using SRTP between 
SIP sets is really one of interoperability.   Until we can all agree on 
how
to securely exchange SRTP keys (i.e. MIKEY, sdescriptions, other methods) 
I 
think that will remain a barrier to widespread SRTP adoption within the 
SIP
space (in my opinion).

As far as I know, both Cisco and Avaya support SRTP as well, although I do 
not
know with which sets and under which circumstances.

> SRTP to me seems to be the preferred path for hard CPE (SIP 
Phone/ATA/etc.). 

I expect you will see most all the vendors moving that way.

> I agree there are other alternatives for the soft-client approach but 
Marketing 
> tells me hard phones are a requirement by most customers for 'work from 
home' users.

Working out of a home office, I can say that I do prefer a hard phone
for a number of reasons, including the very basic one that I don't have to 
have my
computer on to make/receive calls.  I do use softphones as well, but it's 
awfully nice if you need to make a call just to be able to go into my home 

office and pick up a handset on a regular old phone (well, a secure IP 
phone).

Regards,
Dan
-- 
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel Corp.     http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for 
secure communication

More information about the Voipsec mailing list