September 30, 2011 archive

Speaking Next Week on IPv6 and VoIP Security at 7th Real-Time Communications Conference in Chicago

Rtcconf2011
If any of you will be in Chicago next week, October 4-6, 2011, for the 7th Annual Real-Time Communications Conference & Expo, I'll be there on the 5th and 6th as a speaker.

I'll be speaking twice. First on Wednesday the 5th at 4pm on "The Current State of VoIP Security", wearing my VOIPSA hat and leading off a series of talks about security. I'll be providing an overview of the main threats to VoIP and communications security in general, leading the way into the two more specific talks following mine.

I'm rather excited that my second session will be my first public appearance wearing my new Internet Society hat (if you are not aware, I've posted details about my recent move) and will of course be about IPv6... more specifically "How IPv6 Will Impact SIP And Telecom".

Due to ongoing events on the personal front, I wasn't sure that I was going to make it out there... and quite frankly there's still a chance that I won't... but I should be out there.

If you look at the conference schedule, the speakers include outstanding people involved with so many different aspects of real-time communications. It should be truly an excellent event!

P.S. You can still register if you would like to attend!


If you found this post interesting or useful, please consider either:


The Economist Asks: Who Should Run The Internet?

Theeconomist
Who should run the Internet? Should it continue in the "multi-stakeholder" way it has operated so far? Or should governments have more of a say in how it is run?

The Economist captures that argument in a piece out today entitled "A plaything of powerful nations" that reports on the meeting this week in Nairobi of the Internet Governance Forum (IGF). The article rather succinctly covers some of the tension and challenges around public policy issues I briefly mentioned in my recent post about joining the Internet Society.

A key point for me is this (my emphasis added):

The multi-stakeholder approach dates from the beginnings of the internet. Its founding fathers believed that more openness would be both more secure and better for innovation. What is more, since the internet is a network of independent networks, it is hard to construct a form of governance that allows anyone to dictate things from the top.

Yet as the article notes, many governments would like to try - and the power struggle is really only beginning.

There are definitely going to be some interesting times ahead...


NOTE: While I am now employed by the Internet Society, I am NOT involved with the public policy activities of the organization and all comments and viewpoints expressed here are entirely mine alone as an individual.


If you found this post interesting or useful, please consider either:


Calling All Vendors! Test Your SIP over TLS at SIPit 29 Oct 24-28 in Monaco

SIPitAre you a vendor of SIP software or hardware devices? If so, do you support SRTP or SIP over TLS? If you do – or are thinking about doing so – why don’t you join Olle Johansson for some interoperability testing at SIPit 29, October 24-28, in Monaco?

Olle raised just that suggestion today in the VOIPSEC mailing list and said that he will be there focused on testing VoIP security (and also IPv6). As he said:

Customers need at least first hop TLS and SRTP to work as expected. They also need interoperability between devices. To get interoperability, everyone needs to work with it. It just doesn’t happen by accident. SIPit has been organised twice a year for 15 years in order to get the amount of interoperability we have today in SIP.

If you develop SIP software or devices – register for SIPit now. If you are a customer and have seen issues in this area, remind your vendors to participate. The more we are, the more time we can spend on VoIP protocol security.

The SIPit test events are outstanding places to go and test your software or hardware. For the relatively small fee and your time and travel, you have access to an incredible test bed in the form of all the other vendors participating. Where else will you get to interact with designers and engineers from all the major vendors and not only test your software/hardware, but also re-test your equipment if you try some fixes while you are there.

You still have time to register for SIPit29 and join Olle and others in the security testing.

P.S. If you aren’t aware of the SIPit events, more info can be found on the main SIPit site. They are held twice a year in various locations. The summaries of past SIPit events give you a good flavor for the type of testing that goes on.