[VOIPSEC] Secure RTP

[Nathan Allen Stratton]

What are people doing for secure RTP in their networks? There is of course
RFC 3711, but it does not get into key exchange. Sipura is using SIP INFO
for key exchange, but it is totally proprietary as the SNOM k: header in
SDP, tho I think much more elegant Sipura.

I think that draft-ietf-mmusic-kmgmt-ext-13.txt holds the most promise, it
is very much like SNOM SDP method in that it adds key-mgmt: field in the
a header in the SDP.

What are peoples thoughts on this? I would love to see someting standards
based that would work between vendors. One think I like about Sipura is
that they let you build private/public certs for each device and then
store it in the config file. This lets a service provider manage keys and
support legal intercept if required vs the SNOM auto key generation.


><>
Nathan Stratton                                   BroadVoice, Inc.
nathan at robotics.net                                 Talk IS Cheap
http://www.robotics.net                           http://www.broadvoice.com