[guardian-dev] Blog post: VoIP Security Architecture
Michael Rogers
michael at briarproject.org
Fri Nov 22 05:21:48 EST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 22/11/13 00:11, Lee Azzarello wrote:
> Once the endpoints agree on a shared secret, the ZRTP session ends
> and the SRTP session begins. When established, all audio and video
> content going over the network is encrypted. Only the two peer
> endpoints who established a session with ZRTP can decrypt the media
> stream. This is the part of the conversation that cannot be
> wiretapped nor can metadata of sessions in progress be spied on.
Hi Lee,
Recently 'metadata' has been used a lot to refer to information about
who's communicating, when they're communicating, and where they are at
the time. SIP-TLS, ZRTP and SRTP don't conceal the IP addresses of the
endpoints, which can often be mapped to identities and/or locations,
so perhaps someone thinking of the recent usage of 'metadata' would
misunderstand "nor can metadata of sessions in progress be spied on"
to mean something stronger than it does?
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJSjzA7AAoJEBEET9GfxSfMJcMH/3nYmm/tFOOsNCSDf4p3joEF
y/OU3IS+EoPYqzHIS/kiIry0HuvwZcHStvVRrVtmosBD+NkNPz/g5uD6oAsJx/WK
ni4gPFnpVc1WaqnVdbojd5DtGMvOGqHwKZoUEOELDed0+PzttTuoWQSNYLd/F4Vn
Y+JtkbG0lR+dl1I1lbJ8R1PRKNlOEl+g9+CpAnoZYsEmRmTxL7rn6FIYZ6GdsjHf
mkRd5Ho/KzXd4DM1SI11YaVL0wgH+v6abtkfvD02CH3SXn7jG9tgSk4ADHBBBTks
XhwNue+CTlfFyGFtEfAaPf1jJvlFLW8ubw21niN0r4Pv5jsWQZZ9Q1f3uvkX5wM=
=OUQR
-----END PGP SIGNATURE-----
More information about the Guardian-dev
mailing list