Well, that is not the problem.
Mikey gets the called person "by surprise". That means the called party
needs some time to work on the security. This is a problem for us
because we have "only" 150 MHz CPU power and users want to start the
call immediately. A extreme example is the paging mode, where the phone
is supposed to answer immediately - and if it is not able to do so it
will miss the first piece of the coversation ("Miss Monneypenny - may
she bring me a tea").
And the mikey implementation required a lot of code. In other words, a
lot of potential bugs and problems.
CS
________________________________
From: Matthew Gardiner [mailto:[EMAIL PROTECTED]
Sent: Friday, February 10, 2006 8:46 AM
To: Christian Stredicke
Cc: [email protected]
Subject: RE: [Sip-implementors] Schemes for SRTP master key
exchange
Thanks Christian,
Am I right in assuming that when MIKEY is being used it has no
impact on the SIP/SDP message content? The MIKEY RFC3830 spec. certainly
has no examples of any modified SDP lines.
Does the MIKEY protocol work outside of the SIP call setup
messages? That is, solely alongside the media (RTP) server.
thanks again,
Matt
-----Original Message-----
From: Christian Stredicke [mailto:[EMAIL PROTECTED]
Sent: 09 February 2006 21:58
To: Matthew Gardiner
Cc: [email protected]
Subject: RE: [Sip-implementors] Schemes for SRTP master key
exchange
We have implemented SDES *and* MIKEY.
We found that a show-stopper for mikey is that it takes too long
to
answer a call (embedded system!). Answer-after=0 becomes
impossible.
Therefore, we offer only sdes in our firmware.
And sdes is very simple, at least the inline modes. Also saving
a lot of
code, a lot of trouble shooting, and a lot of embedded memory
space.
Christian
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Matthew Gardiner
> Sent: Thursday, February 09, 2006 5:02 PM
> To: [email protected]
> Subject: [Sip-implementors] Schemes for SRTP master key
exchange
>
> Hi all,
>
> I am currently investigating how to control secure RTP
> sessions originating
> from one of our new media server products. My main direction
> of research is
> in discovering what mechanism we should be using in order
> that connected SIP
> devices exchange master keys. So far, I have encountered two
> orthogonal
> bodies of information:
>
> 1. MIKEY (RFC3830)
> 2. SDES (draft-ietf-mmusic-sdescriptions-12.txt)
>
> >From my interpretation of this, two differing schemes are
> being presented,
> one (MIKEY) proposing that key exchange is implemented using
> an additional
> protocol - MIKEY and the another (SDES) which proposes that
> SIP/SDP be used
> to negotiate/exchange crypto parameters.
>
> Is my above assessment, i.e. the two different schemes,
correct?
>
> If so, do any of the posters to this group know which of
> these schemes is
> most likely to be implemented in the majority of SIP devices?
> All opinions
> would be welcomed, since for our product we'd like to avoid
> implementing any
> necessary protocols.
>
> thanks,
>
> Matthew Gardiner
> Software Engineer
> Aculab
> _______________________________________________
> Sip-implementors mailing list
> [email protected]
>
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
>
>
>
_______________________________________________
Sip-implementors mailing list
[email protected]
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
