[VOIPSEC] FYI - podcast on securing SIP media streams - Dan Wing talks through his recent IETF presentation

dan_york at Mitel.com dan_york at Mitel.com
Sun Apr 9 20:06:48 CDT 2006 

VOIPSEC folks,

FYI, Jonathan and I recently recorded a great interview with Dan Wing and 
Cullen Jennings of Cisco Systems about the recent IETF meeting.  Dan 
talked through some of the slides from his recent IETF presentation that 
provides an excellent summary of the various different choices we have 
before us for securing SIP media streams.  Mostly he explained *what* the 
security issues are with securing the media streams and how the different 
proposals (such as sdescriptions, MIKEY, ZRTP, EKT and others) are 
approaching those problems.   It was quite a great education from someone 
immersed right in the midst of the issues.  Both he and Cullen also 
offered their views on security items coming out of the recent IETF 
meetings, the IETF creation of the Realtime Applications and 
Infrastructure (RAI) area  and other topics.

Given that SRTP interoperability is really one of the primary barriers for 
secure cross-vendor SIP interoperability, Dan's slides and his explanation 
of them are, in my opinion, definitely worth a listen.  The interview runs 
about 25 minutes and is in our latest podcast at:

  http://www.blueboxpodcast.com/2006/04/blue_box_podcas.html

The URL for Dan's slides was already posted to this list earlier, but if 
you haven't seen them, they are at:

  http://www3.ietf.org/proceedings/06mar/slides/raiarea-1.ppt

Given the technical nature of the discussion, it will probably help if you 
have a copy of the slides in front of you while listening. 

As Dan and Cullen noted, there were not necessarily any conclusions on 
this topic out of the IETF meeting, but the presentation did point out to 
people that we have a problem in need of a solution - and many solutions 
trying to solve that problem, all of which are not entirely meeting the 
requirements yet. 

Many thanks to Dan for his diving into the technical details for us and 
thanks to both Dan and Cullen for sharing their views of the recent IETF 
sessions.

Enjoy,
Dan
-- 
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel Corp.     http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for 
secure communication

More information about the Voipsec mailing list