Jingle encryption (was: Re: [Standards-JIG] jingle archives)

Nolan Eakins sneakin at semanticgap.com
Sun Dec 18 16:21:03 UTC 2005


Joe Hildebrand wrote:
> DTLS? (http://www.ietf.org/internet-drafts/draft-rescorla-dtls-05.txt)
> SRTP? (RFC 3711)
> 
> This is something we should really ensure is interoperable with the  SIP 
> world.  Can someone from that camp comment on what the cool kids  are 
> doing?

That's a good point. Googling for "encrypted rtp", I would say that SRTP 
is the way they're going. A page to make the point: 
"http://www.voip-info.org/wiki/view/Asterisk+encryption". That page 
lists a couple of hardware phones, Snom and Zultys, that support SRTP.

Initially I thought an additional encryption negotiation would have to 
occur. This might be wrong. Am I right in that you could specify an 
"srtp" candidate? If so, then one problem I see are the number of 
candidates would most likely double which would make one huge burst stanza.

I'm looking through RFC3711 right now. Am I reading it correctly that 
most if not all of the encryption handling is /in/ SRTP? I haven't been 
able to uncover where the master key is sent. Is it out of band, ie: in 
Jingle?

Of interest: http://srtp.sourceforge.net/srtp.html

- Nolan



More information about the Standards mailing list