[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Some views on Secure RTP
> If your network needs to have SRTP (or any other capability)
> signalled, then make sure your clients signal it. This is a
> deployment issue, not a standards issue.
> As explained previously, there is a legitimate reason why clients may
> not want to signal the use of secure RTP. This is where
> security differs from other signalled capabilities such as payload
> types or redundancy.
What occurs when two endpoints, belonging to the two different
categories you describe above, talk to each other?
> I agree that in the absence of any such signalling, the network can
> legitimately choose not to carry secure traffic, if it can detect it.
> But this could also occur if the signalling was provided, so (from the
> clients point of view) nothing is gained or lost.
> > > > Is that adequately captured by the following requirement in
> > > > draft-wing-media-security-requirements:
> > > >
> > > > R21: A solution SHOULD allow establishing SRTP
> keying between
> > > > different call signaling protocols (e.g., between
> > > > Jabber, SIP, H.323, MGCP)
> > >
> > > That requirement says that it should be possible - it
> doesn't say that
> > > it should be easy. :)
> > >
> > > ZRTP meets the explicit requirement of R21 and it does so in
> > > a way that
> > > does not require any new work in the signalling path for a
> > > useful set of
> > > deployments.
> > >
> > > I can't see it getting much better than that :)
> > Can you provide wording for a requirement that you'd like to see?
> Here is a suggestion
> A solution SHOULD allow establishing SRTP keying without requiring any
> network elements in the call signalling path to be aware of
> the presence
> or absence of secure media.
> Craig Southeren Post Increment - VoIP Consulting
> and Software
> Phone: +61 243654666 ICQ: #86852844
> Fax: +61 243656905 MSN: craig_southeren@xxxxxxxxxxx
> Mobile: +61 417231046 Jabber: craigs@xxxxxxxxxx
> "It takes a man to suffer ignorance and smile.
> Be yourself, no matter what they say." Sting