[SIPForum-discussion] FW: right on: [SIPForum-techwg] SIPconnectand Security
Marc Robins
marc.robins at sipforum.org
Tue Jun 10 15:24:59 UTC 2008
SIP Forum Members,
This sender replied to a message thread from our Technical Working Group
list and sent it out erroneously to our Discussion Group list -- please DO
NOT REPLY to this message, as this conversation is not intended for this
list.
Sorry for the inconvenience and we do appreciate your understanding.
Best,
Marc
*************************
Marc Robins
Managing Director, SIP Forum
http://www.sipforum.org <http://www.sipforum.org/>
marc.robins at sipforum.org
Tel: 718-548-7245
Fax: 484-952-2470
Mobile: 203-829-6307
SkypeMe! marcrobins
Chief Evangelism Officer, RCG
http://www.robinsconsult.com <http://www.robinsconsult.com/>
Partner
IP Communications Insights
http://www.ipcom-insights.com <http://www.ipcom-insights.com/>
*************************
_____
From: discussion-bounces at sipforum.org
[mailto:discussion-bounces at sipforum.org] On Behalf Of Tom Cross
Sent: Tuesday, June 10, 2008 10:17 AM
To: discussion at sipforum.org
Subject: [SIPForum-discussion] FW: right on: [SIPForum-techwg] SIPconnectand
Security
Alan,
Right on!
When I teach my SIP classes I focus extensively on security.
As a CSSP, security is paramount and should be more than a hope-for SIP
feature.
Cheers,
Thomas B. Cross - CSSP
CEO - TECHtionary.com - 303-594-1694
World's First and Largest Animated Free Library on Technology
www.techtionary.com
From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org] On
Behalf Of Johnston, Alan B (Alan)
Sent: Tuesday, June 10, 2008 7:41 AM
To: techwg at sipforum.org
Subject: [SIPForum-techwg] SIPconnect and Security
I've started a separate thread on this as is a worthwhile topic for
discussion on its own.
Before we get lost in the details of how best to key SRTP and how to do best
effort SRTP, let's think about SIPconnect and security. We currently have a
recommendation that basically has no security at all. Many of us went along
with this 1.0 version in the name of having immediate interoperability and
deployability.
But is this really the direction we want to go in all our future
recommendations? Is security just a nice feature that we debate and decide
to leave out of our recommendations?
Our work on these recommendations should set the direction for our industry.
Do we believe that enterprise communication needs authentication and
confidentiality of both signaling and media?
Once we debate these questions, we can go back to the details, timelines,
etc for the next version of SIPconnect.
Thanks,
Alan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sipforum.org/pipermail/discussion/attachments/20080610/4e26ad5c/attachment-0002.html>
More information about the discussion
mailing list