Jack Lloyd wrote:
How well is VoIP going to work over SSL/TLS (ie, TCP) though? you can do SSL over UDP if you like - I think most VPN software is UDP only, while OpenVPN has a "fallback" TCP mode for cases where you can't use UDP (and TBH there aren't many)
I've never used any VoIP-over-TCP software before, but some people I know who have say it sucks (terrible latency, sometimes as bad as 5-10 seconds). PGPfone had that problem, even over landlines (no IP involved) - however, I think that was more do to with the compression codecs and the crypto than any external problems, as switching to half-duplex usually cleared the problems up.
That may have just been an artifact of a bad implementation, though. DTLS might be a better pick for securing VoIP. There's also SRTP. The strength of a pure VPN solution is that you aren't limited to *just* VoIP - you can transfer files, use whiteboarding, run videoconferencing, support text channels..... even play games :)