[VOIPSEC] ZRTP Security?
Gupta, Sachin
s-gupta2 at ti.com
Mon Mar 13 18:11:23 CST 2006
Hi,
I went thru the ZRTP draft and i have doubts on how can this be used for
doing a secure communication
1)How would one be able to send a FAX securely. Fax machine would not be
able to read the string to verify the man-in-middle is not present.
2) How can i be sure that i am talking to the person, whom i intended
to, if i am not familiar with the voice. What if i am calling some Bank
regarding my accounts information. I have no idea that i am indeed
talking to the person in bank only. The draft mentions that
"it's only necessary that they detect that the voice used for the SAS
procedure matches the voice in the rest of the phone call."
How would this confirm the identity of the person i am talking to??
Comments?
Sachin Gupta
More information about the Voipsec
mailing list