[VOIPSEC] mid-span decrypt

Bill Flanagan flanagan at flanagan-consulting.com
Tue May 9 16:32:12 CDT 2006 

Jim,
Is you appliance intended to carry every conversation of an ISP?  or 
just when presented with a court order?

Am I correct in inferring that the appliance must be part of the call 
setup to capture the key(s) by acting as man in the middle?

Bill

>
>------------------------------
>
>Message: 4
>Date: Mon, 8 May 2006 06:23:21 -0400
>From: "Jim Donovan" <jdonovan at covergence.com>
>Subject: Re: [VOIPSEC] CALEA Enforcement
>To: <Voipsec at voipsa.org>
>Message-ID:
>	<0D1719326D64BD4E9F92A0C120237678CEF104 at eserv.covergence.com>
>Content-Type: text/plain;	charset="us-ascii"
>
>Hi Sachin - 
>
>The CALEA requirements you mention in your note are one of the reasons
>why Covergence has developed mid-stream encryption / decryption
>capabilities as well as extensive call recording capabilities.    The
>mid-stream encryption / decryption capabilities allow you to run SIP TLS
>and/or SRTP in your network and our appliance will remove the
>encryption, capture the bidirectional RTP packets, and if necessary,
>re-encrypt for transmission to the next hop in the network.     Our
>appliance has dedicated hardware to ensure that the integrity of the
>media is not impaired as a result of this process.   The captured RTP
>streams are then coupled with an accounting record.    This information
>can be stored on our appliance or swept out to third-party database.
>The stored media recording and associated call record allows the
>captured media to be accessed by law enforcement personnel or network
>technicians for the purpose of troubleshooting call quality.   Whether
>or not an individual call is recorded is done based on a finely granular
>policy that allows the network operator and law enforcement personnel to
>determine who, what, and when to record.        
>
>Thanks,
>Jim
>www.covergence.com
>jdonovan at covergence.com
>
>----- Original Message -----
>From: "Gupta, Sachin" <s-gupta2 at ti.com>
>To: <voipsec at voipsa.org>
>Sent: Friday, May 05, 2006 10:33 PM
>Subject: [VOIPSEC] CALEA Enforcement
>
>
>  
>
>>I came across an article which mentions the enforcement of CALEA .
>>    
>>
>Would
>  
>
>>this mean no end-to-end security ?
>>How would any kind of legal intercept be possible if there is
>>    
>>
>end-to-end
>  
>
>>security ?
>>
>>http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-265221A1.pdf
>>
>>Sachin
>>_______________________________________________
>>Voipsec mailing list
>>Voipsec at voipsa.org
>>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org 
>>    
>>
>
>
>
>------------------------------
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
>End of Voipsec Digest, Vol 17, Issue 9
>**************************************
>
>  
>

-- 
____________________________________________
William Flanagan        Ph:  +1.703.242.8381
Flanagan Consulting     Fx:  +1.703.242.8391
45472 Holiday Dr. #3, Sterling, VA 20166 USA
www.flanagan-consulting.com

"Beware of false knowledge; it is more dangerous than ignorance."
                                        --George Bernard Shaw

More information about the Voipsec mailing list