Phone Call Security

Mikko Rauhala mjrauhal at cc.helsinki.fi
Tue Jun 5 01:29:31 CEST 2007


[Recipients list pruned...]

ti, 2007-06-05 kello 01:14 +0200, Florent THIERY kirjoitti:
> An option would be some kind of "push-to-talk" : record mp3, crypt
> mp3, PUT mp3 (on a webserver/scp) -- download mp3, decrypt, listen.

Yeah, this has been discussed also. One could stick it on top of Jabber
for instance, gpg encrypted. (Though speex is a more attractive codec
for both freedom and technical reasons here.)

Or, as has been suggested as wiser for latency reasons, create a TLS
tunnel (possibly via a proxy server since the phones may be behind NAT
or otherwise inaccessible) for the first message, send it through that,
keep tunnel open for subsequent messages. With gnutls, the TLS tunnel
could be authenticated with endpoints' gpg keys, which would provide
nice integration with E-mail and file encryption identities.

> I'm not sure this would circumvent the legislative context; for
> instance, is writing encrypted sms illegal ? (i mean, by hand...)

You're not violating laws by using encryption for your purposes in any
civilized country; even in France it's okay nowadays. Though you may
have issues in some wannabe big brother countries like the UK if you
don't turn over your keys to the police if they want them. Consult a
local lawyer.

-- 
Mikko Rauhala   - mjr at iki.fi     - <URL:http://www.iki.fi/mjr/>
Transhumanist   - WTA member     - <URL:http://www.transhumanism.org/>
Singularitarian - SIAI supporter - <URL:http://www.singinst.org/>





More information about the community mailing list