nanog mailing list archives
Re: Vonage complains about VoIP-blocking
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Tue, 15 Feb 2005 20:48:04 -0500
In message <Pine.GSO.4.58.0502152015130.16931 () clifden donelan com>, Sean Donela n writes:
On Tue, 15 Feb 2005, Hannigan, Martin wrote:Unfortunately, TFTP is the only protocol that many phone vendors implement -- and VoIP operators aren't happy about it. Some vendors have started implementing HTTP(S), but it's far from common at this point.Wouldn't there be a fee to utilize https?Only if you like giving $995 to Verisign for fancy SSL certificates. Most https phones can use locally issued X.509 certificates for the download. Some use a manufacturer issued root certificates if you want to get fancy and use code signing, etc. Not the same problem as Microsoft Internet Explorer trusting every root certificate in its cache. IP phones usually have a very short certificate trust list in the phone.
Precisely. You not only don't need a Verisign cert for this, you don't want one. The phone should trust the authorized operator, which bears no relationship to an identity that Verisign (or whomever) attests to. The really interesting question, to me, is how to let users provision their phones to talk to the operator of their choice. The simplest solution is probably something like a SIM; it would contain the customer subscription data and the operator's CA certificate. Switching providers would be as simple as switching SIMs. (Of course, that assumes that this time we can avoid SIM-locking nonsense....) --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- RE: Vonage complains about VoIP-blocking, (continued)
- RE: Vonage complains about VoIP-blocking Michael Hallgren (Feb 15)
- RE: Vonage complains about VoIP-blocking Nathan Allen Stratton (Feb 15)
- RE: Vonage complains about VoIP-blocking Michael Hallgren (Feb 15)
- Re: Vonage complains about VoIP-blocking Chris Parker (Feb 15)
- Re[2]: Vonage complains about VoIP-blocking C. Hagel (Feb 16)
- Re: Re[2]: Vonage complains about VoIP-blocking Stephen Sprunk (Feb 16)
- RE: Vonage complains about VoIP-blocking Nathan Allen Stratton (Feb 15)
- Re: Vonage complains about VoIP-blocking Stephen Sprunk (Feb 15)
- RE: Vonage complains about VoIP-blocking Sean Donelan (Feb 15)
- Re: Vonage complains about VoIP-blocking Steven M. Bellovin (Feb 15)
- Re: Vonage complains about VoIP-blocking Sean Donelan (Feb 15)
- RE: bad Vonage connection, was Vonage complains about VoIP-blocking John R Levine (Feb 15)
- RE: bad Vonage connection, was Vonage complains about VoIP-blocking Daniel Senie (Feb 16)
- Re: bad Vonage connection, was Vonage complains about VoIP-blocking John Levine (Feb 16)
- RE: bad Vonage connection, Jeffrey Race (Feb 16)
- Re: bad Vonage connection, John Levine (Feb 17)