EAP Usage in TLS

Yaron gave a presentation about the IETF draft on EAP Usage in TLS. There are a few concerns being raised about the EAP Applicability Statement. The good news: There are also a number of TLS working group members who like the idea.   There is also another proposals that utilizes the GSS-API: http://tools.ietf.org/wg/tls/draft-santesson-tls-gssapi-01.txt

Making SIP Make Cents

Jason Fischl and myself wrote a document about the SIP Payment work done in the IETF. Here is a short quote: P2P payments using SIP could enable new classes of applications and business models. Unlike with tradition models where the operator charges the user this work aims to target scenarios where

Diameter for Identity Management

At IETF#67 the DIME working group scheduled two tutorials, one for RFC 3588 (Diameter Base Protocol) and another one for RFC 4006 (Diameter Credit Control). Diameter is an important protocol in the space of identity management providing authentication, authorization and accounting capabilities. It is important to mention that Diameter (and


The NATFW NSLP, a protocol to signal to Network Address Translators and Firewalls in a path-coupled manner, is making progress. The latest version is available at: http://www.ietf.org/internet-drafts/draft-ietf-nsis-nslp-natfw-14.txt The presentation slide of today’s meeting can be found here that describes the most recent changes. The changes are described in http://www.stiemerling.org/ietf/nsis/draft-ietf-nsis-nslp-natfw-14-from-13.html A

RTPSEC BOF: Media Security @ IETF

The RTPSEC BOF today produced some interesting results. The BOF chairs asked the participants whether they would like to base the future protocol work on MIKEYv2, ZRTP or DTLS-SRTP. The group was in favor of using DTLS-SRTP. Here is the agenda: http://www3.ietf.org/proceedings/07mar/agenda/rtpsec.html Here are the slides: https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=68#wg-rtpsec  

State of Emergency: VoIP and 911

Here is a nice article by Jonathan Rosenberg about VoIP emergency services: http://www.tmcnet.com/sip/0107/speaking_sip_state_of_emergency_0107.htm Jonathan points to two important aspects: the ongoing work on the LoST (Location to Service Translation) protocol and on the need for networks to be upgraded to be “location aware”. 

SkypePrime and “SIP Payment”

I recently found a nice posting by Dan York about a new service offered by Skype, called SkypePrime. Please find the posting here: http://www.disruptivetelephony.com/2007/03/skypeprime_for_.html: “When you call someone who is a Skype Prime call provider, and you both have the new version of Skype, the provider can initiate what we

Media Security without a PKI

There seems to be a misunderstanding in the current discussion about media security (see http://www.imc.org/ietf-rtpsec/mail-archive/ for a mailing list archive) and the believe that PKI support is demanded by most of the solution proposals. That’s not true! ZRTP and the DTLS protocol for the protection of media traffic are two examples of proposals that do not