[VOIPSEC] IAX softphones and security (Was Re: What methods of encrypting SIP signaling are out there *other than* TLS encryption?)

[dan_york at Mitel.com]

Melvin,

> I have recently study IAX2 ciphering, and I’m asking: why don’t make a 
> softphone who be able to support IAX2 encryptions, and authentications 
> specifications? The IAX2 ciphering process appears to be ok (I’am 
wrong?), 
> so, why not develop a safe client? It will provide a better privacy for 
> communications, with IAX2 advantage (like NAT and Firewall traversal). 
> Moreover the required bandwidth is less than SIPs or other protocols.
> I’ am looking to your responses.

Wellll... I think for starters there would need to be more systems 
supporting
IAX as a protocol for endpoints.  To my knowledge the only systems out 
there
supporting IAX are Asterisk and the various products built upon the 
Asterisk base.
I am not aware of IAX being added to products from any other vendor.  In 
order for other vendors to support IAX, it really needs to be standardized
as an RFC...  (the process was started but not yet completed)

Having said that, there already *are* a number of different IAX softphones 

out there today.  I don't know if any of them focus on providing a secure
connection, but I agree it is a logical step.

My 2 cents,
Dan

-- 
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel       http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for 
secure communication