On Fri, Jun 24, 2005 at 11:57:17AM -0400, Julio Arruda wrote: > 2- Out-of-band is as safe/unsafe as having the conversation recorded, > including pin, by the hacker, if no encrypted voice path is being used.
I haven't given much thought to this earlier, so I hope the following is not total crap: in-band is in the data and out-of-band goes in the control stream of SIP, right? If so, those two may be on different pathes, and it is also possible to encrypt one and not the other. I figure it would make sense to encrypt the control stream alone, and not waste costly resources on the data stream. FTP/Kerberos and (in a way) telnet/Kerberos are similar. /me wander off thinking about the impact of an attacker with just the ability to drop arbitrary packets from a VOIP connection. -- Tzafrir Cohen | [EMAIL PROTECTED] | VIM is http://tzafrir.org.il | | a Mutt's [EMAIL PROTECTED] | | best ICQ# 16849755 | | friend _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
