On Thu, 29 Jul 2004, Dave Howe wrote:
Thomas Shaddack wrote:
Sounds like an anonymous Diffie-Hellman session key, wrapped in marketing bullshit. Usable, but susceptible to MITM.
Unless I am reading this wrong, it is much, much worse than that - it seems to say that, unless you are running your own server (which requires a DNS entry and server rights, etc), the session key is being generated at the central server and *issued* to the two parties - with all the third party compromise, LEAK order problems and sheer poor design issues that implies.
Didn't think about this. Noticed the "generated by server" thing, but thought it'll be a local process collecting entropy from some hardware source. Yes, your Honor, I admit I am guilty of assuming lack of stupidity on the vendor side. :(
SIP *has* a crypto negotiation field in the protocol - why aren't they using that, instead of "rolling their own"?
Perhaps because they don't want to make a really secure system, aren't aware of this possibility, were politely told to not use it by some Third Party, don't know how to do it this way...? Maybe it could be a good idea to ask them.
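The two designs the thread contrasts, as an added illustration that is not part of the original mail exchange: an anonymous Diffie-Hellman exchange, where an active relay can hand each endpoint its own value and derive both session keys; the same exchange with the public values bound to a secret the endpoints already share, where the substitution fails verification; and a key issued by a central server, which by construction is known to the server as well. The toy group (p = 2^61 - 1, g = 2), the pre-shared secret and the SHA-256 key derivation are constructed for the example and are far too small or simplified for real use.

```python
"""Why anonymous Diffie-Hellman falls to an active relay, why a server-issued
key is known to a third party, and how authenticating the exchanged values
lets the endpoints detect tampering. Added example with toy parameters."""
import hashlib
import hmac
import secrets

# Constructed toy group: the Mersenne prime 2^61 - 1 with g = 2.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**61 - 1
G = 2


def dh_keypair():
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def session_key(own_private, peer_public):
    """Derive a session key from the shared secret with a plain hash (toy KDF)."""
    shared = pow(peer_public, own_private, P)
    return hashlib.sha256(shared.to_bytes(8, "big")).digest()


def anonymous_dh_with_mitm():
    """Simulate an active attacker relaying an unauthenticated exchange.

    Returns (alice_key, bob_key, attacker_key_with_alice, attacker_key_with_bob).
    Nothing in the exchange lets either endpoint notice the substituted value.
    """
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    m_priv, m_pub = dh_keypair()          # attacker's own value, sent to both sides
    alice_key = session_key(a_priv, m_pub)  # Alice believes m_pub came from Bob
    bob_key = session_key(b_priv, m_pub)    # Bob believes m_pub came from Alice
    mitm_with_alice = session_key(m_priv, a_pub)
    mitm_with_bob = session_key(m_priv, b_pub)
    return alice_key, bob_key, mitm_with_alice, mitm_with_bob


def server_issued_keys():
    """Model the 'central server generates and issues the key' design.

    Returns a dict of who holds the session key: both endpoints and the server,
    so a server compromise or a legal demand against it exposes every call.
    """
    key = secrets.token_bytes(32)
    return {"server": key, "alice": key, "bob": key}


def tag(psk, public):
    """Authenticate a DH public value under a secret shared out of band."""
    return hmac.new(psk, public.to_bytes(8, "big"), hashlib.sha256).digest()


def authenticated_exchange(psk, tamper=False):
    """DH exchange where each public value carries an HMAC under the pre-shared secret.

    Returns True when both sides verify the peer's value and derive the same
    key, False when a substituted value is rejected.
    """
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    a_msg = (a_pub, tag(psk, a_pub))
    b_msg = (b_pub, tag(psk, b_pub))
    if tamper:
        # The relay can swap the public value but cannot recompute the tag.
        _, m_pub = dh_keypair()
        a_msg = (m_pub, a_msg[1])
        b_msg = (m_pub, b_msg[1])
    for public, t in (a_msg, b_msg):
        if not hmac.compare_digest(t, tag(psk, public)):
            return False  # tampering detected: abort before deriving a key
    return session_key(a_priv, b_msg[0]) == session_key(b_priv, a_msg[0])


if __name__ == "__main__":
    a, b, ma, mb = anonymous_dh_with_mitm()
    print("anonymous DH: attacker shares Alice's key:", a == ma, "and Bob's key:", b == mb)
    print("server-issued: server holds the call key:", server_issued_keys()["server"] is not None)
    print("authenticated DH, honest:", authenticated_exchange(b"constructed-psk"))
    print("authenticated DH, tampered:", authenticated_exchange(b"constructed-psk", tamper=True))
```

The authenticated variant stands in for whatever binding a real protocol would use (a certificate, a pre-shared credential, or the crypto negotiation SIP already offers); the point is only that the public values must be tied to something the relay cannot forge, otherwise the two endpoints have no way to tell the relay's value from each other's.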