[VOIPSEC] Voipsec Digest, Vol 12, Issue 24 -- "no central call routing"

Henry Sinnreich henry at pulver.com
Wed Dec 28 14:58:28 CST 2005


Craig,

> How does carrier-to-carrier work in this scenario?

I will try, though this deserves a longer discussion.

"Carrier for voice" is just a business model that has no crisp technical
definition on the Internet. There are however Internet domains that can have
various owners that are not "carriers" such as enterprises, various
institutions (government, military), campuses, residential networks (I have
one with my own SIP proxy inside a $200 Intertex IX67 box and am my own
"carrier"), community networks and even single laptops as long as they have
a DNS entry.

P2P networks like Skype may not even need to use DNS and this poses an even
bigger challenge for law enforcement, especially since Skype is by far the
biggest VoIP provider in the world.

In short, the emperor (the "Carrier for voice" model) has no clothes. Nor
has the VoIP network infrastructure on the market at present, since Skype has
proven such infrastructure is not necessary (add AOL, Apple, Google, IBM,
Microsoft, Yahoo and the P2P PBXs on the market such as Avaya and Peerio,
etc., etc.). Ever heard of them? :-)> Anyone to suggest they all must be
blocked? (shocking...)

Commercial (my sincere apology): There will be _P2P SIP_ sessions at the VON
Spring and VON Europe. Please follow the VON announcements for the agenda.

Thanks, Henry
 

-----Original Message-----
From: Lee, Craig [mailto:crlee at nuera.com] 
Sent: Wednesday, December 28, 2005 11:58 AM
To: henry at pulver.com; voipsec at voipsa.org
Subject: RE: [VOIPSEC] Voipsec Digest, Vol 12, Issue 24 -- "no central call
routing"

Henry,

Can you elaborate a bit more?  Is there a proxy to identify
authenticated endpoints?  How does carrier-to-carrier work in this
scenario?

Thanks in advance for your reply,

Craig

P.S.  No one that I know would flame you!  ;)

Craig Y. Lee
Vice President, Marketing
Nuera Communications, Inc.
10445 Pacific Center Court
San Diego, CA  92121  USA
+1 (858) 625-2400
+1 (858) 625-2422 FAX
+1 (858) 335-3692 Mobile
craig at nuera.com
http://www.nuera.com

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Henry Sinnreich
Sent: Wednesday, December 28, 2005 7:05 AM
To: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] Voipsec Digest, Vol 12, Issue 24

> You can't sell expensive phones or nobody will be your customer

Check out the Skype phones (or the Nimcat/Avaya or Peerio PBX phones).

There is no central call routing and the phones are both secure and
affordable.

Both the business models and the platforms (no VoIP infrastructure) are
different though from the "carrier" model, and this changes the security
model and cost in a fundamental way.

Let the flames come! :-)

Thanks, Henry


-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Voipsec-request at voipsa.org
Sent: Wednesday, December 28, 2005 6:00 AM
To: Voipsec at voipsa.org
Subject: Voipsec Digest, Vol 12, Issue 24

 

Message: 1
Date: Tue, 27 Dec 2005 16:12:14 +0100
From: "david.castro" <david.castro at adianta.net>
Subject: [VOIPSEC]  VoIP vulnerabilities summarization
To: Voipsec at voipsa.org
Message-ID: <43B159CE.8030706 at adianta.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Hello, I'm David.

I've just read your interesting "chat", and I learned a lot, but I'd
like to ask a question about SIP.

Let's imagine you are making an IP phone operator. You have a central
access point (SIP server and gateway to PSTN), or several access points
across the Internet. You can sell your customers an IP phone, so they
don't have to run a computer to chat on the phone. You can't sell
expensive phones or nobody will be your customer, so the phones don't have
TLS, IPsec or a SIP proxy, because they connect directly to the access
point.

How do you protect this scenario?

I'm using login/password in the register request, but in other requests I
can't because of the phones. What would you do?

Thanks

------------------------------

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

End of Voipsec Digest, Vol 12, Issue 24
***************************************