[SIPForum-techwg] Avaya Contribution for SIPconnect 1.1

Richard Shockey richard at shockey.us
Mon Jun 9 13:38:11 EDT 2008 

Does anyone have any idea how many service providers can support SRTP now.  

 

What level of support is there for SRTP in the CSCF's ??  

 

What level of support do we plan on seeing within this decade?

 

I point this out since one of the stated goals of 1.1 is a IMPLEMENTABLE
specification.

 

From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org] On
Behalf Of Francois Audet
Sent: Monday, June 09, 2008 11:55 AM
To: DOLLY, MARTIN C, ATTLABS; Johnston, Alan B (Alan); techwg at sipforum.org
Subject: Re: [SIPForum-techwg] Avaya Contribution for SIPconnect 1.1

 

It could be for both, although really, SRTP is end-to-end. So if a service
provider doesn't find it necessary to support in its media gateways, then it
won't be used.

 

The major point is that before you use SRTP-only, you really need to make
sure that everybody in the network supports it because calls will fail
otherwise. In practical deployment today, it is generally not feasible.
Therefore, you really need a way to "turn off" SRTP-only as it is likely to
be deployed only in specialized applications. The "best-effort SRTP" using
media negotiation will be very useful because it's designed to be backward
compatible.

 

IPsec vs TLS/SRTP is not an "either/or". IPsec is just securing the access
network, not end-to-end media. If a service provider wishes to use IPsec at
the access, it's ok. We should probably say something about it in the
document. It's a good point. I can see that there will be many cases where,
for example, the service provider will require IPsec at the access, but
enterprises may want to use SRTP end-to-end.

 

  _____  

From: DOLLY, MARTIN C, ATTLABS [mailto:mdolly at att.com] 
Sent: Saturday, June 07, 2008 07:02
To: Audet, Francois (SC100:3055); Johnston, Alan B (Alan);
techwg at sipforum.org
Subject: RE: [SIPForum-techwg] Avaya Contribution for SIPconnect 1.1

Francois,

 

So, is SRTP intended within a enterprise and between the same corporate
campuses only, or is it also intended to be used toward a service provider?

 

And the same question for mandating TCP/TLS?

 

We would prefer using IPsec for interconnection.

 

Martin

 

  _____  

From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org] On
Behalf Of Francois Audet
Sent: Friday, June 06, 2008 1:21 PM
To: Johnston, Alan B (Alan); techwg at sipforum.org
Subject: Re: [SIPForum-techwg] Avaya Contribution for SIPconnect 1.1

Hi Alan,

 

This is great. Lots of useful material in there.

 

Here are a few comments:

*	I like the connected identity addition. This will be quite useful. 
*	I like the new section on media security. I think we need to be a
little more explicit on the "Always SRTP" implications of your text (i.e.,
the call will fail if both ends do not support SRTP, and therefore use with
caution). I think we could address it by having a sub-section for "Always
SRTP" and another one for "Best-Effort SRTP". I could provide some text for
the "Best-Effort SRTP" section providing guidance on the use of
draft-ietf-mmusic-sdp-capability-negotiation (which should be RFC by the
time SIPConnect 1.1 is done). 
*	I like the way you are handling Presence and IM support. I think
this is exactly how we should treat it.
*	It would be nice to explain that the reason PUBLISH is not supported
at this time is that it's normally used within the domain of the enterpise
(i.e., you could move it to the next paragraph that talks about resource
lists, XCAP, watcher info.

 

  _____  

From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org] On
Behalf Of Johnston, Alan B (Alan)
Sent: Friday, June 06, 2008 08:25
To: techwg at sipforum.org
Subject: [SIPForum-techwg] Avaya Contribution for SIPconnect 1.1

All,

 

Here is a contribution from Avaya for SIPconnect 1.1.  In some areas it is
more 2.0 than 1.1 but it really is quite a lot of work to revise the
specification, and to do so but add little of interest or value could be a
mistake.  For example, we propose adding secure media and presence exchange
to SIPconnect.

 

 
http://www.sipforum.org/component/option,com_docman/task,doc_download/gid,14
6/Itemid,75/

 

Comments are most welcome.

 

Thanks,

Alan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://sipforum.org/pipermail/techwg/attachments/20080609/97b1fcbf/attachment.html

More information about the techwg mailing list