[VOIPSEC] Using SRTP for University project

Randell Jesup rjesup at wgate.com
Mon Mar 27 23:59:07 CST 2006


Alan Johnston <alan at sipstation.com> writes:
>Last week at the IETF, Phil made an excellent argument in his 
>presentation that the encryption of media is none of the business of 
>the signaling.  From an architectural point of view, tying the 
>encryption of media to the signaling is a bad idea.

True - it would have made more sense (in hindsight) if the encryption were
negotiated and keyed by direct end-to-end communication on the media
channel.  Downside - perhaps another roundtrip or two.  But this is moot
now unless we want to start defining this into an RTP variant, as Phil Z is
doing with ZRTP - except he's ignoring profiles and trying to transparently
piggyback it.  That has its advantages, but there are disadvantages too.

>>All I meant was that you said you heard s/mime was not deployable - to which
>>I said if you want to get it through a service-provider's sip
>>infrastructure, it won't work.  Since the user has no power to change that,
>>other than not using service providers, their change of environment to
>>s/mime is not that useful. (Since it is probably the call through the
>>service-provider they're worried about the most)
>>
>>But yes, I definitely think there are some parts of the environment that are
>>practically impossible to change, to meet the needs/wants of everyone.
>>
>Users are going to demand confidentiality in their media sessions.  If a 
>service provider deploys an architecture in which they can not support 
>this, they will lose users to another service provider who has been 
>smart enough to use an architecture that allows end-to-end media encryption.

They may.  Users generally care only to a certain point.  Some aspects may
increase their sensitivity, like IP Videophones - people are much more
protective of their images in private calls than of their voice.
Especially people who grew up pre-web.  Obviously, businesses may have
other issues with tappable calls, and may even have fiduciary
responsibility to prevent it in certain industries.

-- 
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
"The fetters imposed on liberty at home have ever been forged out of the weapons
provided for defence against real, pretended, or imaginary dangers from abroad."
		- James Madison, 4th US president (1751-1836)




