[VOIPSEC] One of the best SIP security interviews we've done yet... (Blue Box podcast)
dan_york at Mitel.com
dan_york at Mitel.com
Fri Sep 7 20:43:04 CDT 2007
VOIPSEC readers,
FYI, I just uploaded Blue Box Special Edition #20 which was an interview I
recorded with Cullen Jennings about SIP security while out at VoiceCon San
Francisco last month:
http://www.blueboxpodcast.com/2007/09/blue-box-se020-.html
Cullen had just co-presented a 3-hour tutorial with Eric Rescorla about
SIP Security, and in this 40-minute interview we went over the main issues
around SIP security. We talked about securing the signaling and he gave
some great illustrations of what forking and early media were all about
(and got into how early media is actually *used* in the PSTN). We
discussed securing the voice/media stream and he outlined how DTLS and
ZRTP work, as well as sdescriptions and some of the other mechanisms out
there. We touched on SIP Identity (now an RFC) and covered a draft Cullen
has in the works about "SIP outbound", which may provide a way for a SIP
endpoint to work behind a NAT device, and a draft on certificate
management whereby endpoints can use self-signed certificates. He also
put on his IETF RAI Area Director hat and talked a bit about what will be
the next SIP security issues that need to be tackled.
If you aren't familiar with Cullen, he is a Distinguished Engineer at
Cisco but more relevant to this topic is one of the Area Directors for the
Real-time Applications and Infrastructure (RAI) area of the IETF.
Essentially, RAI is the area under which all SIP-related RFCs fall.
Cullen's also a frequent (and good) presenter at conferences and is an
enjoyable interview guest.
I think you'll find this an educational and interesting interview, and I'd
highly recommend it for folks looking to understand SIP security.
Enjoy,
Dan
--
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Chair, Mitel Product Security Team
Mitel http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
More information about the Voipsec
mailing list