Nice use of opportunistic encryption with SIP
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Oct 1 08:50:58 EDT 2005
In order to use encryption with SIP, you're stuck with using certificates
(there's no way to do authenticated DH like a number of other secure-phone
devices allow you to do). However, one vendor has found a nice way around
this: You go to their web page, enter your device IP address and SIP user ID,
and they generate a pre-packaged certificate for you that your browser posts
to the VoIP device once you click the submit button. See
http://voxilla.com/certrequest.php for the interface.
(I don't know if they use key continuity management, but they've certainly
reduced the PKI-based entry barrier for voice encryption to a minimum. The
only way to make it even easier would be to have the device automatically
contact the server for a cert when it's set up, but then that might be
difficult due to firewalling).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list