Reboot the Open Realtime Revolution - #MoreCrypto (Fall 2014)

10
The Open Communication Revolution
© Copyright 2014 Edvina AB, Sollentuna, Sweden. All rights reserved.
4 1
@oej

Mark Spencer created Asterisk.
15 years ago this year.

ASTERISK
VONAGE
WANNABEES
KILL THE
TELCO
OPEN SOURCE

A different time.
10 years ago.

We need to move forward,
make new mistakes.

Where are we?
Open Source is accepted
in business and for personal use
(Android!)
Open Source telephony is used by
carriers and enterprises
world wide.
SIP is taking over from ISDN.
Everywhere.
We are no longer the cool guerilla.
We’re just doing normal business.

2014 Examples from the life of an Open Source contributor.

EXECUTIVE SUMMARY
KAMAILIO
SIP NETWORKS
LYNC CERTIFICATION
OF ASTERISK
IETF WORK
ON IPv6, DANE AND SIP
ASTERISK
IMPROVEMENTS

INTENO
ASTERISK EMBEDDED
IN BROADBAND ROUTER
HOME TELEPHONY AND
SMALL BUSINESS PBX
CARE PHONES/ALARMS
REMOTE HOLD, DNS SRV AND
OTHER ASTERISK
IMPROVEMENTS

BRESSNER Technology
ASTERISK EMBEDDED
IN ISDN GATEWAY
LYNC CERTIFICATION
SMALL BUSINESS PBX
COMFORT NOICE/SILENCE
SUPPRESSION IN ASTERISK

CARRIERS: Lync trunks
ASTERISK FOR LYNC
RTCP/RTP
IMPROVEMENTS
PRACK
CAUSE CODE HANDLING,
PACKET REORDERING

CARRIERS
(Just SIP, not Lync)
SCALABLE SIP
PLATFORMS
TLS/SRTP TRIALS
KAMAILIO EVERYWHERE
TRAINING, ARCHITECTURE,
INSTALLATION, TESTS

CALL CENTERS
SCALABLE SIP
PLATFORMS
ASTERISK AT CORE
RTP/RTCP IMPORTANT
MEDIA IN FOCUS

SWEDISH PUBLIC RADIO
KAMAILIO SIP NETWORK
HIGH AUDIO QUALITY
RADIO BROADCAST
EBU STANDARD

IETF & The SIP Forum
SIP IPv6 DUAL STACK
SIP CERTIFICATES IN
DNSSEC - DANE
WEBRTC
STUN/DANE

ASTERISK IMPROVEMENTS
CAUSE CODE HANDLING
COMFORT NOICE/
SILENCE SUPPRESSION
REMOTE HOLD
RTCP CALL QUALITY
RECORDS
DNS SRV DONE RIGHT
PRACK SUPPORT
DTMF DURATION
PACKET REORDERING

WHERE?
IN MY PRIVATE VERSION OF
ASTERISK AND ON DIGIUM’S
SVN SERVER.
NOT IN THE ASTERISK
OFFICIAL CODE BASE.

WILL I STILL BUILD LIKE THIS
TWO YEARS FROM NOW?
KAMAILIO
ASTERISK

WHERE DOES
WEBRTC FIT IN?
I DON’T THINK WE ARE EVEN
CLOSE TO UNDERSTAND THAT.
BIG CHANGES TAKE
TEN YEARS

Where we are going
SIP
RECORDING
WEBRTC
SERVICE
???
MEDIA BACKBONE
MIXER TRANSCODI
NG
EFFECTS

This part is missing
RECORDING
MEDIA BACKBONE
MIXER TRANSCODI
NG
Project X
EFFECTS

INTERNET
COMMUNICATION OTT
Everything is IP. Bypassing carriers over IP.
BECOME
THE TELCO
OPEN SOURCE!
Push the telco down the stack. Get a quick start.

SIP RTP
API
HTTPS
XMPP HTTP

BRAND
NAMES
PRIVATE
PROTOCOLS
ISOLATED
ISLANDS
VENTURE
CAPITAL

Not moving SIP forward.
Where are you???
RFC 3261

IPV4 NAT
CARRIER GRADE NAT
NETWORKING
KNOWLEDGE

THE MOST IMPORTANT
PROBLEM…

We can work on all of that.

Open Source can move
fast and is a community
effort. A shared resource.

(Unless there are too much
bureaucracy in the way.
Which can happen to
Open Source projects too.)

BENEFITS OF
OPEN SOURCE
LOWER COSTS FOR EVERYONE
FASTER ADAPTION TO CUSTOMER
NEEDS.
SECURITY COMES NATURALLY
COMPETITIVE MARKETPLACE

Open Source will take
you there.
• Low cost per customer
• Innovation, security and
(sometimes) stability
• Open Standards and
Interoperability
© Copyright 2010, Edvina AB, Sollentuna, Sweden. All rights reserved. Approved distribution only. info@edvina.net

Open.
SYSTEMS PROTOCOLS
NETWORKS SOURCE

Internet

INTEROPERABILITY.
What every network
engineer gets paid to work with.
But too many forget…

INTEROPERABILITY.
Take it back. You have
earned it.

10
4 1

2005-2012: 10 to-do list items
OPEN SOURCE
SECURITY
10
IPv6
ENVIRONMENT
FEDERATE
INTEROPERABILITY
OVERLOAD.
…

4 2013: FOUR THINGS
SECURITY
IPv6
FEDERATE
OPUS!

LET’S FOCUS
ON ONE THING. 1

Ready?

The Internet is under attack. #moreCrypto

OPPURTUNISTIC
SECURITY.
A BASE LAYER OF INTEGRITY.
NOT FULL SECURITY, BUT
BETTER THAN NOTHING.

BUILD TRUST.
SECURITY BY DEFAULT.
BUILD GOOD STUFF.

LET’S GET
EVERYONE ABOARD.
PROVIDER:CE
OP^2
2015 is the year
of realtime security.
OPENSIPS
ELASTIX
FREEPBX
KAMAILIO
YATE
OPENBTS
FREESWITCH
ASTERISK
BLINK
SYLKSERVER
JSSIP
BARESIP
????
EKIGA
EKIGA
RESIPROCATE
PJSIP
EDVx
REPRO
ZOIPER

1 TODO-LIST FOR 2015
SECURE ALL COMMUNICATION BY DEFAULT

WHAT THIS MEANS FOR SIP
CALLS
USE TLS ALWAYS.
TEST IF IT IS OPEN AND USE IT.
INVITE WITH SRTP.
IF IT FAILS, OPTIONALLY FALL BACK.

We are leaving the
commercial CA
SIPDANE
Using DNSsec to verify TLS certificates.

WHEN BUYING SIP TRUNKS
REQUIRE TLS. REQUIRE SRTP.
REQUIRE DNS. REQUIRE IPv6.

Different needs. Different solutions.
SECURE CALLS:
TLS AUTHENTICATION/CRYPTO
DTLS SRTP KEY EXCHANGE
WE CAN IMPROVE SECURITY FOR ALL CALLS,
YOU DO NOT
WANT TO LOOSE
THE TRUST OF YOUR
USERS AND CUSTOMERS.
REGARDLESS OF DEFAULT CONFIGURATION.

#morecrypto
in SIP, XMPP, RTP. WEBRTC and other realtime
platforms.
Thank you.

1 TODO-LIST FOR 2015
SECURE ALL COMMUNICATION BY DEFAULT @oej @realtimesec

Reboot the Open Realtime Revolution - #MoreCrypto (Fall 2014)

Reboot the Open Realtime Revolution - #MoreCrypto (Fall 2014)

Recommended

More Related Content

Similar to Reboot the Open Realtime Revolution - #MoreCrypto (Fall 2014)

Similar to Reboot the Open Realtime Revolution - #MoreCrypto (Fall 2014)(20)

More from Olle E Johansson

More from Olle E Johansson(20)

Recently uploaded

Recently uploaded(20)

Reboot the Open Realtime Revolution - #MoreCrypto (Fall 2014)