[Asterisk-Dev] Asterisk Manager encryption

Kristian Kielhofner kris at krisk.org
Mon Dec 12 13:11:11 MST 2005


Brian Capouch wrote:
> Kristian Kielhofner wrote:
> 
>>
>>     Although I do think it would be nice to see more crypto in 
>> Asterisk...
>>
> 
> How would you address Kevin's point, which is that it then places a new 
> burden on the development team of a pretty different color, in terms of 
> having to stay *right* on top of a panoply of security issues that right 
> now are the dominion of specialists in that field.
> 
> Almost as bad as the "patch scramble" would be the PR fallout, which in 
> an environment where the incumbents are really playing hardball, could 
> be very very damaging.
> 
> B.

B,

	This is true.  You and Kevin have a very valid point.  However, is it 
more "secure" and PR friendly to not implement crypto at all (or at 
least minimally)?  That is, not to try at all?  I think it would be 
uglier for someone to point out the lack of crypto altogether (which is 
starting to happen with VoIP in general).

	10+ years ago (sorry, I can't go back much further than that) it might 
have been acceptable to use telnet to log in to a remote system, POP3 to 
check your mail, and simple SMTP (redundant?) to send it.  Not to 
mention http:// to conduct most online transactions, including logins.

	Now, I refuse to use anything but SSH, IMAPS, SMTPS, HTTPS, etc.  The 
common thread here is the (strong) crypto.  The point is, we should all 
be wise enough by now to implement crypto-enabled solutions whenever 
possible, from the start.

	Asterisk already includes its own AES implementation for IAX2 
encryption, and still requires OpenSSL for IAX2 keys (AFAIK).  Why not 
throw some SSL/TLS enabled goodness in for the manager? :)  I know it's 
not that easy, but hopefully you get the idea!

	But then again, I don't work on Asterisk's code (so yes the burden will 
not be on me), and I am happy with using stunnel (at least for the OP's 
application).  This is more of a rant than anything :)!

-- 
Kristian Kielhofner


