[VOIPSEC] What the most popular key exchange method(MIKEY, SDP Security Descriptions, ...) in VoIP marketing ?

Mark Teicher mht3 at earthlink.net
Fri Jan 13 08:58:33 PST 2006


I have read that some boutique consulting companies offer VoIP Security assessment that examine Layers 4-7, encryption, sniffing, firewall, and endpoint assessment, and adjuncts attached to the VoIP network.  So you are stating that these type of offers do not provide any value to a VoIP vendor or an organization without causing heartburn ??



-----Original Message-----
>From: Janne Magnusson <janne at ingate.com>
>Sent: Jan 13, 2006 11:13 AM
>To: Voipsec at voipsa.org
>Subject: Re: [VOIPSEC] What the most popular key exchange method(MIKEY,	SDP Security Descriptions, ...) in VoIP marketing ?
>
>I think it depends on each vendor. Ingate, as a Firewall vendor,
>participates in lots of testing with different vendors of various SIP
>equipment and we have a long list of tested equipment, you can find some
>of them at http://www.ingate.com/strategicpartners.php. Today we don't
>see much interoperability issues for basic SIP so most of the testing
>today is done based on upcoming business cases. 
>
>SIPit is also a very good place to go if you want to do general interop
>testing of new and old stuff.
>
>If you're interested in interop testing with Ingate please drop me a
>line and we'll work something out.
>
>/Janne
>
>> -----Original Message-----
>> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org]
>On
>> Behalf Of Mark Teicher
>> Sent: Friday, January 13, 2006 4:38 PM
>> To: Voipsec at voipsa.org
>> Subject: Re: [VOIPSEC] What the most popular key exchange
>method(MIKEY,
>> SDP Security Descriptions, ...) in VoIP marketing ?
>> 
>> Since this issue was touched upon..
>> How do VoIP vendors qualify their products with various firewall
>vendors
>> from an interoperability point of view?
>> 
>> -----Original Message-----
>> >From: dennis <m8939605 at yahoo.com.tw>
>> >Sent: Jan 13, 2006 9:43 AM
>> >To: Voipsec at voipsa.org
>> >Subject: Re: [VOIPSEC] What the most popular key exchange
>method(MIKEY,
>> 	SDP Security Descriptions, ...) in VoIP marketing ?
>> >
>> >Hi all,
>> >
>> >I think that there is a Firewall issue here.
>> >
>> >To imagine a client A and client B are both behind
>> >routers, and the routers have NAT/Firewall. If A and B
>> >run the SIP over TLS and A make a call to B. Because
>> >the SIP siganl are encrypted, firewall of B's router
>> >can't inspect SDP for the RTP ports used (ALG), and
>> >SRTP
>> >stream can't pass firewall.
>> >
>> >The solutions are below:
>> >1.FWs open all UDP ports for RTP
>> >2.Routers have TLS connection with proxy and client.
>> >3.UPnP(Can UPnP solve the issue?)
>> >
>> >    TLS           TLS
>> >A------->Router------->SIP Proxy
>> >  TLS
>> >------->Router------>B
>> >
>> >
>> >Best regards,
>> >Dennis
>> >
>> >--- Harry Behrens <hb at snom.de> ??
>> >
>> >
>> >---------------------------------
>> >  in fact no, actually makes life easier for
>> >signalling (but that isnever a problem with NAT
>> >anyway).
>> >On the media side: SRTP is just UDP as before, so it
>> >stays as stable orbuggy as before...
>> >
>> >    -h
>> >
>> >
>> >
>> >___________________________________________________  ??? Yahoo!??????
>> 7.0???????????  http://messenger.yahoo.com.tw/
>> >
>> 
>> 
>> _______________________________________________
>> Voipsec mailing list
>> Voipsec at voipsa.org
>> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org





More information about the Voipsec mailing list