[asterisk-dev] What's a secure call?

Andrew Latham lathama at lathama.com
Tue Jul 3 06:44:27 CDT 2007


Wow

I am not really a person that would use these features myself. I feel
that some of my clients will ask for this in the longterm so I am
interested now. I do wonder how far the security could go, would, for
an example, leaving a voicemail fail if the security model said it
should. Simply tagging a call would be easy but how do transferring
and other dial plan options affect the call.

The one legged calls with an IVR is also very interesting, I am sure
that there would be some applications or third party AGI that would be
desired to work with this.

Does the entire Asterisk install become secure or do you secure by context?

Keep up the good work Olle..........


Andrew



On 7/3/07, Olle E Johansson <olle at voop.com> wrote:
> To open a can of worms... :-)
>
> I'm involved in Phil Zimmerman's efforts to integrate Zrtp into
> Asterisk. At the same time we have code for SRTP that needs to
> be integrated.
>
> This means that we will add the concept of a "secure call" in
> Asterisk. At some point, I want to be able to build dialplans
> where I can manager security requirements on channels, like "this
> conference is protected and requires a secure channel".
>
> So, to make this easy, should we have a boolean flag and determine
> "this is a secure call according to Asterisk Community
> Security Standards" or how should we  handle this? I think leaving it
> up to the admin is  the proper way to go, but we
> also have several scenarios to consider
>
> 1. Encrypted signalling and media stream
> 1. Open signalling stream, key exchange in the open, encrypted media
> 2. Open signalling stream, secure key exchange, encrypted media
> 3. Secure signalling stream, un-encrypted media
>
>      exten => _x.,n,gotoif(${ISSECURECALL(level6)} ? approved,1 :
> hangup,1)
>
> And to add to that, we have many different call scenarios.
>
> 1. Bridged call between two secure endpoints, Asterisk transcodes and
> have an unsecure media path
> 2. One-legged secure call between Asterisk and a phone (IVR)
> 3. SIP to ASterisk over IAX trunk to another Asterisk to SIP with
> SRTP/TLS and encrypted IAX - but open
>      media path when going from SIP to IAX
>
> And yes, of course, this is not attempting to be a complete list at all.
>
> Can we simplify this and make it configurable? Do we want to?
>
> Can we implement the notion of a "trusted" PBX that we allow being in
> the middle and "untrusted" PBXs
> that we want to avoid or that changes the security property of a call.
>
> As I said to Phil: "A PBX is designed to be a man-in-the-middle attack."
>
> There's certainly room for discussion, brainstorming and wild ideas
> here.
>
> /O
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-dev
>


-- 
/*
 Andrew Latham
 LATHAMA (lay-th-ham-eh)
 lathama at lathama.com
 lathama at gmail.com
*/



More information about the asterisk-dev mailing list