[Free-RTC] Escape from PRISM!

Lee Azzarello lee at rockingtiger.com
Fri Jun 14 13:25:26 CEST 2013


I operate a secure SIP service at https://ostel.co

I'm using rtpproxy for NAT traversal. Since the audio stream is
encrypted with ZRTP, the server doesn't have access to the content of
calls.

During the course of this project, I have discovered numerous
complications. The nut I'm trying to crack right now is SIP
federation. I have alias calling working via SRV records but calling
between SIP domains is pending. The closest I came so far is a call
between ostel.co and ekiga.net succeeded but one of the two providers
is mangling the rtp stream so that the ZRTP key agreement never
happens.

I'll post my progress when I get that nailed down. I also have a
milestone on my roadmap to build a Chef cookbook to automate the
assembly of a full secure SIP stack.

Regards,
Lee

On Tue, Jun 11, 2013 at 11:12 AM, MJ Ray <mjr at phonecoop.coop> wrote:
> Daniel Pocock <daniel at pocock.com.au>
>> There are also some sore points, e.g. the Debian 7 release includes an
>> Empathy version that only works with Google's gmail TURN server and
>> not the Debian packaged TURN server.  Things like that are going to
>> continue frustrating users for some time to come but will eventually
>> be ironed out.
>
> I think it's a far bigger frustration that we can't actually call
> anyone who's not using the same system yet, and sometimes it won't
> even work on the same system, while the debugging logs on either
> client or provider often seem to be insufficient to actually find out
> why something doesn't work.
>
> I've got jitsi working over XMPP, but damned if I can see how to let
> others call in, or call outside the same system with it :-/
>
> The lumicall site says things like "If the VoIP provider supports SIP,
> TLS and ICE, it should work" which is great, but what UK VoIP DDI
> provider supports all three?  In short, part of the necessary
> information for mass use seems to be missing still.  If anyone has it
> working, please post step-by-step instructions so others can set
> things up and help spread the spoken word.
>
> Thanks,
> --
> MJ Ray (slef), member of www.software.coop, a for-more-than-profit co-op.
> http://koha-community.org supporter, web and library systems developer.
> In My Opinion Only: see http://mjr.towers.org.uk/email.html
> Available for hire (including development) at http://www.software.coop/
> _______________________________________________
> Free-RTC mailing list
> Free-RTC at lists.fsfe.org
> https://lists.fsfe.org/mailman/listinfo/free-rtc


More information about the Free-RTC mailing list