[VOIPSEC] Soft Phone Vulnerabilities
Michael Slavitch
slavitch at gmail.com
Thu Jun 15 11:24:23 CDT 2006
I'll now stop waving a red flag at this bullring of experts. But in closing
please note my key argument that trust amongst actual humans is relationship
based, not protocol based. For example, Phil's zrtp uses relationships, not
cert authorities, to set up a secure session between two people. It is
truly novel and interesting because it understands the real problem at
hand. The most powerful part of zrtp isn't the protocol itself but the
people and the resulting persistence of personal trust over time without the
need for central authorities.
How experts trust the underlying protocols is another matter, and that is
best left to experts. But in the long run experts are not the ones that
decide that something is trustworthy and usable.
Regards
Michael
More information about the Voipsec
mailing list