View Single Post
Unread 10-25-2009, 06:04 PM   #2
ctylor
 
ctylor's Avatar
 
Join Date: Apr 2006
Location: Vancouver, BC
Posts: 296
Thanks: 94
Thanked 53 Times in 27 Posts
ctylor will become famous soon enough
Default SIP over Transport Layer Security (TLS)

I am not sure how difficult it would be to enable SIP over Transport Layer Security (TLS) between our SIP devices and the Voxalot server, but that would be a good start... though I don't think that encrypts your calls, just the server info and passwords you are sending in SIP packets.

Unfortunately very few devices and softphones (the SPA942/SPA962 and Eyebeam, anything else?) even include the functionality to encrypt SIP messages with TLS.

Secure Real-Time Transport Protocol (SRTP) is commonly supported in theory in Sipura/Linksys devices but the only way to get a certificate is at the dying Voxilla website, and even then it only works for Sipura ATAs, and not for IP phones. And to work requires both parties be using SIP devices with SRTP installed and call security enabled.

You know, the more I think of it, the more it seems like the government designed the "security" system of SIP telephones. There seems no reason why it couldn't be more secure. Just that not enough people are asking for it or willing to pay for it.
ctylor is offline   Reply With Quote