‹ Back
Deploy360 3 July 2013

Comments? Olle’s Thoughts on SIP (VoIP) and DNSSEC / DANE

Dan York
By Dan YorkDirector, Online Content

How you you think DNSSEC and specifically DANE could be used with the Session Initiation Protocol (SIP) to provide an added layer of security to voice / video communications over IP? (a.k.a. “VoIP”)   I started raising this question back in a presentation at SIPNOC 2013 and again in a recent VUC interview about DNSSEC and VoIP, but today to my delight Olle Johansson dove a bit deeper with a set of slides about SIP and DNSSEC / DANE he posted up on SlideShare. These are just his “brainstorming” a bit about how DNSSEC/DANE could work with SIP – and he has posted them for comment and feedback:

I like that he went deeper than I had done into precisely where in the SIP interactions DNSSEC / DANE could play a role.  Olle is definitely looking for comment which you can leave in many different places (such as SlideShare, this blog post, anywhere it’s posted on social networks) or can send directly to Olle or send out on the DANE working group mailing list.

I’m pleased to see the continued evolution of this discussion… and I look forward to seeing more work happen in this space.  (Note that I’ve set up a page here about DNSSEC and VoIP to track where some of this work is happening (and am always looking for items to add).)

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...

Join the conversation with Internet Society members around the world