[VOIPSEC] DKIM Domain Key Identified Mail

Christopher A. Martin chris at InfraVAST.com
Tue Nov 29 21:51:04 CST 2005 

Simon Horne wrote:

> At 07:26 AM 30/11/2005, Randell Jesup wrote:
>
>> "Christopher A. Martin" <chris at InfraVAST.com> writes:
>> >Maybe an announcement that user identification is pending. People 
>> put up
>> >with delays from Cell phones, and there is something similar when 
>> delays
>> >are occuring...
>> >
>> >"Please wait while we locate the xxxxx service subscriber...."
>>
>>         And people hate that.  They do significantly impact the
>> functionality for some people.  Witness how people use the ability to 
>> quick
>> "clack" people with Nextels.  Not an issue if you have to manually 
>> dial a
>> phone with a rotary encoder.  Much more of an issue when you have quick
>> single-button connections (especially in soft clients).
>>
>>         I'm not saying it's impossible, but adding annoyance to security
>> tends to insure it gets turned off/not implemented/ignored.
>
>
> Agree totally, the article on DKIM posted by phillp was a great read 
> and covered a lot of these types of topics. I think there is a lot to 
> learn from the email experience in how to apply security in an 
> ubiquitous easy to use manner, Anything that takes longer or is more 
> difficult to use is going to be ignored or not used.  To me. I.5 sec 
> delay to authenticate is too long. (Pinging the voipsa.org website 
> from my office is 292ms round trip, so 150ms is not unusual from this 
> part of the world).  Ideally (and we've done practically in another 
> protocol) this should be achievable by using existing calling 
> signalling (using SAML or whatever) with the certs embedded in the 
> message so it is no different to a standard call.
>
> Simon
>
>
>
>
>> -- 
>> Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga 
>> OS team
>> rjesup at wgate.com
>
>
> Simon Horne
> Director
> Packetizer Labs
> www.packetizer.com/labs
>
>
See, I like the certificate route. I want to learn more about SAML. I 
have always been behind making digital certificates the basis for 
securing VoIP.

Thanks,
Chris

More information about the Voipsec mailing list