[Asterisk-Dev] libsrtp

Dr. Rich Murphey Rich at WhiteOakLabs.com
Fri May 14 20:03:19 MST 2004 

RFC 3711 doesn't specify the method for establishing the shared srtp session
key.   Likewise, libsrtp appears to require that the two endpoints have
already established a shared key.

Does anyone know of any voip standards for key exchange?

Cheers,
Rich


> -----Original Message-----
> From: asterisk-dev-admin at lists.digium.com [mailto:asterisk-dev-
> admin at lists.digium.com] On Behalf Of brian k. west
> Sent: Friday, May 14, 2004 9:34 PM
> To: asterisk-dev at lists.digium.com
> Subject: Re: [Asterisk-Dev] libsrtp
> 
> libsrtp isn't usd for auth it would be use to encrypt the rtp streams.
> 
> bkw
> ----- Original Message -----
> From: "Dr. Rich Murphey" <Rich at WhiteOakLabs.com>
> To: <asterisk-dev at lists.digium.com>
> Sent: Friday, May 14, 2004 7:18 PM
> Subject: RE: [Asterisk-Dev] libsrtp
> 
> 
> > Given that interoperability is a priority, interoperability should help
> > narrow down the choices of ciphers, key exchange, etc., to those that
> are
> > implemented well by various vendors and libraries.
> >
> > Does libsrtp provide authentication?
> >
> > Cheers,
> > Rich
> >
> >
> > > -----Original Message-----
> > > From: asterisk-dev-admin at lists.digium.com [mailto:asterisk-dev-
> > > admin at lists.digium.com] On Behalf Of John Todd
> > > Sent: Friday, May 14, 2004 1:54 PM
> > > To: asterisk-dev at lists.digium.com
> > > Subject: RE: [Asterisk-Dev] libsrtp
> > >
> > > Jim -
> > >    I'd like to put my most robust approval in for this as well.  :-)
> > >
> > >    Encryption is a real concern of mine (and my customers.)  SRTP is a
> > > great tool, though we'd be well-advised to also have TLS for SIP, and
> > > whole-enchliada-encryption for IAX2.
> > >
> > >    However, I'd be happy with starting with some RFC-approved method
> > > of encrypting SIP RTP streams, if you have the time and experience to
> > > put that together.
> > >
> > > JT
> > >
> > >
> > > At 11:43 AM -0500 on 5/14/04, brian wrote:
> > > >WOOOOOOOOOOOOHOOOOOO lets give er a shot! :)
> > > >
> > > >bkw
> > > >
> > > >>  -----Original Message-----
> > > >>  From: asterisk-dev-admin at lists.digium.com [mailto:asterisk-dev-
> > > >>  admin at lists.digium.com] On Behalf Of James H. Cloos Jr.
> > > >>  Sent: Friday, May 14, 2004 11:29 AM
> > > >>  To: asterisk-dev at lists.digium.com
> > > >>  Subject: [Asterisk-Dev] libsrtp
> > > >>
> > > >>  Is there any contra-indication to including libsrtp in the * dist
> and
> > > >>  using it for encrypting rtp and rtsp streams?
> > > >>
> > > >>  The license is revised-bsd-like so it should be OK under both of
> *'s
> > > >>  licenses.
> > > >>
> > > >>  The current version (1.3.20) is rfc 3711 compliant.
> > > >>
> > > >>  The api is simple enough; once the sessions are started you only
> need
> > > >>  to call srtp_protect() on each outgoing packet and
> srtp_unprotect()
> > > >>  on each incoming packet.
> > > >>
> > > >>  I can post a patch in mantis if there is interest; initially just
> one
> > > >>  to incorporate the lib, later to actually use it.
> > > >>
> > > >>  -JimC
> > > >>
> > > >>  References in order of appearance:
> > > >>
> > > >>  http://srtp.sf.net/
> > > >>  http://srtp.sf.net/license.html
> > > >>  http://srtp.sf.net/srtp-1.3.20.tgz
> > > >>  http://www.ietf.org/rfc/3711.txt
> > > >>  http://srtp.sf.net/libsrtp.pdf
> > > >>
> > > >>  --
> > > >  > James H. Cloos, Jr. <cloos at jhcloos.com> <http://jhcloos.com/voip>
> > > _______________________________________________
> > > Asterisk-Dev mailing list
> > > Asterisk-Dev at lists.digium.com
> > > http://lists.digium.com/mailman/listinfo/asterisk-dev
> > > To UNSUBSCRIBE or update options visit:
> > >    http://lists.digium.com/mailman/listinfo/asterisk-dev
> > >
> >
> >
> >
> > _______________________________________________
> > Asterisk-Dev mailing list
> > Asterisk-Dev at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-dev
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-dev
> >
> 
> 
> _______________________________________________
> Asterisk-Dev mailing list
> Asterisk-Dev at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-dev
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-dev
>

More information about the asterisk-dev mailing list