In this Special Edition, I sat down with Cullen Jennings out at VoiceCon San Francisco in August 2007 to talk about SIP security. Cullen had just co-presented with Eric Rescorla a 3-hour tutorial on SIP security and in this interview we covered an overview of the topics covered in that session, such as:
* challenges in encrypting SIP signaling (forking, early media (including what it is))
* proposed methods of encrypting voice/media, including ZRTP and DTLS
* SIP identity
* SIP outbound, a proposal for helping SIP signaling work across firewalls
* certificate management in SIP
* future security issues of concern within SIP
I believe you will find it both a very educational and interesting interview that will help explain some of the various areas of SIP security.