[VOIPSEC] Voipsec Digest, Vol 8, Issue 26
Lee Dilkie
lee_dilkie at mitel.com
Tue Sep 6 18:40:03 CDT 2005
Albert wrote:
>[...]
>I think that a 2-3 second delay in *setting up* a call is perfectly
>acceptable seeing the usual time it takes to establish any phone connection.
>In my mind it is analogous to the security checks at the airport before
>boarding the plane.
>
>[...]
>
>
I think the issue in delay is the time it takes to do key negotation
when the ringing end answers a call. Typically, phone systems only spec
a couple of hundred ms for a voice path to be established after the call
has been answered. This time is derived from the time it takes to lift
the handset from the cradle, bring it to the ear and speak "hello?". If
you take longer than this to establish the voice path, the human beings
are going to get confused if the "hello?" isn't heard by the calling
party. 2-3 seconds is simply unacceptable.
This is why the TLS/SSL solution, with keys in plaintext, is so
appealing. There is no delay as there is no key negotation (other than
the trival "here's the key I want you to use!"). And TLS/SSL is also why
we're bemoaning having to switch to tcp connections. Things are just
never easy, eh?
-lee
More information about the Voipsec
mailing list