[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sip-implementors
Subject:    [Sip-implementors] SRTP key transmission
From:       Vadim Lebedev <vadim () mbdsys ! com>
Date:       2009-05-31 22:26:32
Message-ID: 83741142-D152-49C0-81C5-E8E6532B43DF () mbdsys ! com
[Download RAW message or body]

Hello,

I've been reading various RFC describing  tranmission of master key  
for SRTP unside SDP's.
They require (like in rfc4568) the INVITE/200/ACK be transmitted using  
TLS to avoid key interception.

I wonder why nobody proped following scheme:

Alice generates a mester key, encrypts it wih Bob's public key and  
signs it with her own private key.
The resulting material is stored in SDP which can be transmitted  ove  
unsecure connection...
Bob receives the INVITE request extract the signed keye authenicate  
the Alice signature and decodes the master key using his onw private  
key....



Thanks
Vadim


[prev in list] [next in list] [prev in thread] [next in thread]