[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure RTP -- end user experience

To: <peter@xxxxxxxxxxxxxx>
Subject: Re: Secure RTP -- end user experience
From: Cullen Jennings <fluffy@xxxxxxxxx>
Date: Fri, 16 Mar 2007 04:57:42 +0100
Authentication-results: ams-dkim-1; header.From=fluffy@xxxxxxxxx; dkim=pass ( sig from cisco.com/amsdkim1002 verified; );
Cc: <ietf-rtpsec@xxxxxxx>
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=2479; t=1174079153; x=1174943153; c=relaxed/simple; s=amsdkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fluffy@xxxxxxxxx; z=From:=20Cullen=20Jennings=20<fluffy@xxxxxxxxx> |Subject:=20Re=3A=20Secure=20RTP=20--=20end=20user=20experience |Sender:=20; bh=CItXnBFhwtCtC3HJpDjLllC0gK19qszBTxyeYn8KG+I=; b=UbXMz+9ft6qq2A9+aKiMl92YMa/eKt6aH3hCM/xjj6+gihA+rko3zX1/T8pCP4Co+g11weQP isZml48L1Yh8SmBFbLuJOxkzgaoVQUtm3UM4TY0ToSN/mNh7j5ubtH9e;
In-reply-to: <200703131820.l2DIJxh9020272@xxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-rtpsec/mail-archive/>
List-id: <ietf-rtpsec.imc.org>
List-unsubscribe: <mailto:ietf-rtpsec-request@imc.org?body=unsubscribe>
References: <200703131820.l2DIJxh9020272@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-rtpsec@xxxxxxxxxxxx

Peter, I'm very curios to get an idea how people view the right wayto deploy this - i assume we are talking about your firewall likeproduct - do you plan to run ZRTP in the "bump in the wire mode" ordoes the box modify the SIP signaling and use ZRTP in the signalingassociated mode? Most the ZRTP supports seem to prefer the bump inwire mode and I'm just trying to get a handle on some of thediscussion about if the signaling associated mode is viewed as a goodoptional thing to ZRTP or something that should be mandatory toimplement and use?



On Mar 13, 2007, at 7:20 PM, Peter Cox wrote:

Other than a posting by Craig Southeren there has been littlediscussion onthe end-user environment in which secure RTP will be deployed. VoIPsystemsare deployed in environments where the end-users expect them to"just work",users are far less tolerant of what in their mind are intrudingdetails thanusers of web and email systems, even when those users are the samepeople. Alifetime's experience with the PSTN means that VoIP users just wantto pick
up the phone, dial and get connected.
The majority of those calls will be about non confidential matters,but whenmore sensitive issues are discussed users want a simple check thattheirconversation is secured end-to-end, the ZRTP SAS provides this in aformthat is easy for the average end-user to understand. For the end-user theSAS is the analogue of the light on the phones used in cold-war spymovies,
the light flashed when the line was secure.

To declare an interest, Borderware is implementing ZRTP using Phil's
toolkit. This protocol was chosen because of its ease of use andbecause it
provides exactly what is needed to encrypt a VoIP call, ephemeral keys
negotiated without the overhead and complexity of certificatemanagement.
While not minimising the importance of getting the protocol detailsright,factors like end-user acceptance, ease of use and ease ofimplementation are
also important. From this point of view ZRTP gets my vote.

------------------------------------------------------------------
Peter Cox                                  Phone: +44 20 8759 1999
CTO International                            Fax: +44 20 8757 1998
Borderware Technologies Inc              http://www.borderware.com

Follow-Ups:
- RE: Secure RTP -- end user experience
  - From: Peter Cox

References:
- Secure RTP -- end user experience
  - From: Peter Cox

Prev by Date: Re: Certificates for P2P Authentication?
Next by Date: Multiple concurrent streams and R10
Previous by thread: Re: Secure RTP -- end user experience
Next by thread: RE: Secure RTP -- end user experience
Index(es):
- Date
- Thread