quetwo, That VoIP Guy, Premium
East Lansing, MI
reply to nitzan
My point is, however, security and encryption exist for many PBXes, but many of the smaller vendors (mostly the softswitch vendors) choose not to use the TIA protocols. H.323, for example, has a very well defined annex spec that specifies DSA-based encryption between two end points. Many of the SIP vendors (Polycom, etc.) choose not to invest in these technologies. It's just typical of the free/OSS world.
I tell my customers that it is to be assumed that the PSTN is secure from most sources, government aside. It is considered much more secure than any TCP/IP transport, and more secure than any mobile connection (Cell/portable). Inter-tandem communications are considered very private, as many of the tap-points that are commonly used for wide-range snoops are at Class I and Class II offices. (T), our ILEC, will always tap upon a government request, but for the most part, those do require a signed subpoena.
CALEA pretty much dictates that you be able to provide a tap at the point of PSTN interconnection. So, yes, you cannot facilitate end-to-end encryption over the PSTN without a HLS waiver. However, CALEA does not apply for interswitch communications and switch-to-endpoint communications. It only applies if you act as a "gateway to other services". Our lawyers have interpreted this as the communication from one of our customers to the outside only. Encryption between the customer and you should not be an issue in this case. If you act as an ISP, you are only to be concerned that you are able to tap the data from the customer to the next POP; you shouldn't care about the payload.