[asterisk-dev] SRTP and forcing encrypted calls

Terry Wilson twilson at digium.com
Thu Feb 11 00:09:45 CST 2010


On Feb 10, 2010, at 7:21 PM, Jeff LaCoursiere wrote:
> On Wed, 10 Feb 2010, Leif Madsen wrote:
> 
>> Terry Wilson wrote:
>>>> - outbound call with security requirement
>>>> - 200 OK with SRTP for audio, but RTP for video and text
>>>> 
>>>> - Do we accept non-secured media streams? Or reject the call?
>>> 
>>> Ugh. Can we just hope that it never comes up and ignore the case
>>> completely :-) Under the current paradigm, I'd say reject the call since
>>> it doesn't include security for all options. But, I can see how that
>>> wouldn't necessarily be what one would want to happen. But I really
>>> don't want to have to specify requirements for every different kind of
>>> media that could possibly exist. audio/video/text/image/morse code/smoke
>>> signals/whatever. :-) It starts to be kind of a pain, dialplan-wise. It
>>> seems silly that a client would choose to send encrypted audio, but
>>> leave the other media unencrypted. But, people do silly things all the time.
>> 
>> This seems like something we can leave as a feature request for later
>> programming. At the current time, my vote would be "all the way secure, or all
>> the way unsecure". We shouldn't attempt to mix and match security here.
>> 
>> Honestly, if I am setting up a secure call, and then my video or text are
>> unencrypted, then I don't quite get the point.
>> 
>> Anyways, my vote would be to require everything you're offering to be 
>> either encrypted or not, and if anything is different, either fail the 
>> call, or ignore those streams which don't match our dialplan or 
>> configuration file settings (whichever makes more sense).
>> 
> 
> Not that I disagree, but just to point out one situation where security 
> *to* asterisk would be desired, and then you don't care... if the call is 
> traversing an untrusted network on the way *to* the asterisk box, you want 
> encryption, but from there it goes out the PSTN...


The way things are currently set up, if you offer encryption to asterisk on an inbound call, that leg of the call will be encrypted (by default).  The above case is more about a single leg of the call offering multiple media types with only some of them encrypted. The only way the second leg of the call would be encrypted would be 1) it was to a peer defined via a conf file that was set up to use encryption or 2) the dialplan functions were used to tell Asterisk to use encryption.

Terry
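As an added illustration of the "all the way secure, or all the way unsecure" rule discussed above (example code, not from the thread or from Asterisk): a small check over the m= lines of an SDP answer that flags the mixed case of SRTP audio with plain RTP video and text, and applies either the reject or the drop-mismatched-streams policy. The SDP body, key material and policy names are constructed for the example.

```python
from collections import namedtuple

# Constructed SDP answer (not from the thread): the case discussed above,
# SRTP for audio but plain RTP for video and text. The declined image
# stream (port 0) shows that rejected m= lines must not count either way.
SAMPLE_ANSWER = """v=0
o=- 1 1 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/SAVP 0 8
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY_MATERIAL
m=video 51372 RTP/AVP 31
m=text 53000 RTP/AVP 98
m=image 0 udptl t38
"""

# Transport profiles that mean SRTP (RFC 3711 / RFC 5124).
SECURE_PROFILES = {"RTP/SAVP", "RTP/SAVPF"}
Stream = namedtuple("Stream", "media port secure")

def parse_media_lines(sdp):
    """Return a Stream for each active m= line; port 0 means declined, skip it."""
    streams = []
    for line in sdp.splitlines():
        if not line.startswith("m="):
            continue
        fields = line[2:].split()
        if len(fields) < 3:
            raise ValueError("malformed m= line: %r" % line)
        port = int(fields[1].split("/")[0])  # RFC 4566 allows "port/count"
        if port == 0:
            continue
        streams.append(Stream(fields[0], port, fields[2] in SECURE_PROFILES))
    return streams

def evaluate_answer(sdp, require_secure, on_mismatch="reject"):
    """Apply the all-or-nothing rule to an SDP answer. With a security
    requirement only SRTP streams qualify; without one any stream does.
    on_mismatch: "reject" fails the call, "drop" keeps only qualifying streams."""
    streams = parse_media_lines(sdp)
    ok = [s for s in streams if s.secure or not require_secure]
    if streams and len(ok) == len(streams):
        return "accept", streams
    if on_mismatch == "drop" and ok:
        return "accept", ok
    return "reject", []
```

Calling `evaluate_answer(SAMPLE_ANSWER, True)` rejects the mixed answer, while `on_mismatch="drop"` accepts it with only the SRTP audio stream kept.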

