« New Audio comment line number - +1-415-830-5439 (and ditching K7.net) | Main | Blue Box #73: SIP security issues at IETF 70, Skype security, vulnerabilities in Cisco and Nokia phones, Vietnam's cyberdissidents, VoIP security news, listener comments and more... »

December 19, 2007

Blue Box SE#022 - SIP NAT Traversal discussion with Jonathan Rosenberg

Synopsis: Interview about SIP NAT Traversal with Dr. Jonathan Rosenberg, Cisco Fellow and author of many RFCs and Internet-Drafts related to SIP for the Internet Engineering Task Force (IETF).

Welcome to Blue Box: The VoIP Security Podcast Special Edition #20, a 25-minute interview with Dr. Jonathan Rosenberg about SIP and NAT Traversal.  Recorded at Interop New York in October 2007.

Download the show here (MP3, 13MB) or subscribe to the RSS feed to download the show automatically.

You may also listen to this podcast right now:

Show Content:

In this Special Edition, I sat down with Dr. Jonathan Roseberg at Interop New York in October 2007 to talk about SIP NAT Traversal. Jonathan, a Cisco Fellow, has authored many RFCs related to SIP for the Internet Engineering Task Force (IETF) and in fact was a co-author of RFC 3261, the original specification for the SIP protocol.  He is also the author of "The Hitchhiker's Guide to SIP", a document that aims to help people find their way through all the many documents that today make up what we call "SIP".

For the past few years, Jonathan has been extremely involved in the whole issue of SIP and NAT traversal and has authored several of the major Internet-Drafts on the issue.  In this interview, we discuss:

  • What the issue is with SIP and NAT traversal
  • How ALGs and SBCs attempt to solve the problem
  • Methods that have been developed by the IETF, specifically:
    • STUN
    • TURN
    • ICE
  • The role of ICE going forward, who is supporting it, etc.

I believe you will find it a very educational session and very helpful in understanding this major issue with regard to SIP.  We thank Jonathan Rosenberg for his time.

If you enjoy this show, we would also suggest you go back and listen to Blue Box Special Edition #20, our interview with Cullen Jennings about SIP security.  The two shows complement each other extremely well and provide a solid understanding of the current state of SIP security.

Comments, suggestions and feedback are welcome either as replies to this post  or via e-mail to blueboxpodcast@gmail.com.  Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows.  You may also call the listener comment line at either +1-415-830-5439 or via SIP to 'bluebox@voipuser.org' to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

Posted by Dan York on December 19, 2007 at 07:37 PM in Blue Box, Podcasts, VoIP Security |

Technorati Tags: , , , , , , , , , , , , , , , ,

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/316979/24370126

Listed below are links to weblogs that reference Blue Box SE#022 - SIP NAT Traversal discussion with Jonathan Rosenberg:

» Want to understand SIP and NAT traversal? Listen to this interview from Speaking of Standards
Have you ever wanted to understand why SIP doesnt work so well across NAT devices and firewalls? Have you heard of STUN, TURN or ICE but didnt know what they were or how they worked? Over on my Blue Box podcast site Ive just uplo... [Read More]

Tracked on December 20, 2007 at 03:48 PM

» Blue Box Special Edition #22: SIP and NAT Traversal from Voice of VOIPSA
Blue Box Special Edition #22 is now available which explores and explains the details around SIP and NAT traversal. In this interview I sat down with Dr. Jonathan Rosenberg, a Cisco fellow and author of a wide range of RFCs and Internet-Drafts relate... [Read More]

Tracked on December 20, 2007 at 03:49 PM

Comments

Post a comment

If you have a TypeKey or TypePad account, please Sign In

The Obligatory Photo

Promote Blue Box!

  • Add this graphic to your site!

Contact Information

Full Disclosure

  • Dan York, CISSP, is the Best Practices Chair of the VOIP Security Alliance (VOIPSA) and the Director of Emerging Communication Technology for Voxeo.

    Jonathan Zar is affiliated with Pingalo and is the Secretary of VOIPSA and member of the Board of Directors.

    This is a personal project and neither Voxeo, Pingalo nor VOIPSA have any formal connection to this podcast. In the interest of transparency we just thought you should know our affiliations.

License

Why "Blue Box"?

  • We chose the name "Blue Box" primarily as a nod to the era of phone phreaking in part to illustrate that threats to telephony are not new - they just continue to change and evolve. That and admittedly the name just sounded cool.

Archives

More...

Categories

VoIP Podroll

Blue Box MP3 Files