[Asterisk-Users] VOIP Spam
Nicholas Bachmann
asterisk at not-real.org
Sat Apr 17 08:58:33 MST 2004
Duane wrote:
> Tom Green wrote:
>
>> Brian,
>>
>> Encrypted SIP messages can be sent using TLS. However,
>> I don't think it is realistic to expect everyone
>> calling you to have a public/private key pair.
>
I don't quite agree.
> SMTP servers that support SMTP-TLS and have valid certs + config do
> exactly that already...
But I think Tom's point is that SMTP-TLS is not very common.
However, a PKI for VoIP would be much easier, and much more manageable,
than PKI for email. Each provider would have to maintain a key server
that stored keys for their users. Then, a public, central registry of
provider keys would be needed. The main challenge would be getting
private keys into phones.
Alice ---------------> Alice's Provider (AP Co.) ----------------->
Bob's Provider (BP Co.) ------------------------> Bob
[Signed by Alice] [Alice's
Verified Sig] [Alice's Verified
Sig]
[Signed by AP Co.] [AP Co.'s Verified Sig]
[Signed by BP Co.]
In this system, Alice would sign and send her SIP messages to her
provider's SIP proxy. Her provider, AP Co., proxy would verify the
signature with its own key server, and, if valid, would sign it with the
AP Co, key and pass it on to BP Co.'s proxy server. The BP Co. proxy
could then check AP Co.'s signature, sign the message, and pass it to
Bob. Bob, then, must only check that the message is signed by the
user's provider.
There are, of course, weaknesses in this plan. To name a few:
1. It's a chain of trust: it's hard for Bob to verify Alice's signature
directly
-Not impossible to fix
2. A central registry must be created that's free and open for providers
to use but secure enough to verify members.
-Think about the global IP address distribution agencies
3. Phones must get private keys securely.
Nick
More information about the asterisk-users
mailing list