Secure telephones

Jack Lloyd lloyd at
Sun Jul 18 11:51:40 PDT 2004

On Sun, Jul 18, 2004 at 07:31:59PM +0100, Dave Howe wrote:

> OpenVPN is of course built on SSL, and can use either X509 certificates 
> or a preshared key for authentication. Sadly, there is no convenient way 
> to use DNS-SEC key records for OpenVPN.

How well is VoIP going to work over SSL/TLS (ie, TCP) though? I've never used
any VoIP-over-TCP software before, but some people I know who have say it sucks
(terrible latency, sometimes as bad as 5-10 seconds). That may have just been
an artifact of a bad implementation, though. DTLS might be a better pick for
securing VoIP. There's also SRTP.

More information about the cypherpunks-legacy mailing list