[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSec IP Telephony:End to End or Segment

On Tue, 30 Mar 1999, Anthony Walwyn wrote:
> With respect to IP Telephony, should security be
> end-to-end or does it make sense to have it on 
> just one segment, eg between two IP Telephony Gateways.

Depends on what sort of threat you are trying to protect against.  The
PSTN is fairly secure against casual snooping, somewhat insecure (at the
ends) against knowledgeable snoopers, and completely open to government
agencies (and possibly others with plenty of cash).

The only really strong security is end-to-end security, but weaker forms
may still be useful, depending on circumstances.

> Phone--PSTN--IPGW--IP Network--IPGW--PSTN-Phone
> If security is only implemented between the Gateways
> is the security risk unacceptable ??

Unacceptable to who, for what purpose?

> If the phones were Internet-Phones, security could be 
> implemented end-to-end using IPSec, but what happens if
> one end is an Internet Phone and one end is a normal PSTN Phone ?

The "INSECURE!" light on your Internet Phone should light up.

                                                          Henry Spencer

Follow-Ups: References: