[sip-comm] [proposal] MIKEY support


#1

Hello Ingo,

I´m surprised to see that the libmikey code is already being ported to JAVA by someone. Additionally it is not only JAVA, but it is also done for working with SIP communicator. It would be great if you could add it to SIP communicator´s SVN repository one day.

Regards,
Michael

···

----- Original Message -----

From: Bauersachs Ingo

Sent: 11/03/10 04:24 PM
To: users@sip-communicator.dev.java.net
Subject: RE: [sip-comm] [proposal] MIKEY support

Hello

> SIP Communicator is using ZRTP. Well ZRTP is a good idea, but reading

> http://www.minisip.org/publications.html MIKEY + Diffie Hellman seem to

> be "better", as it has "perfect forward secrecy" according to

> http://tools.ietf.org/html/rfc3830

> [...]

>

> So, the underlying libmikey on minisip´s homepage is provided with GPL

> license, but probably written in C. But I am asking myself whether there

> is a chance to get it into SIP Communicator?

We'd definitely be interested in integrating this at some point.

However, it's not something that's currently on the roadmap, so we'd

need someone to either contribute or fund it.

We, the University of Applied Sciences Northwestern Switzerland (FHNW), have ported minisip's MIKEY-Library to Java (well, at least everything necessary for DH Key Exchange). We don't know yet where we are going to publish the library, but as the original code is LGPL we're definitely going to publish it somewhere.

Currently I'm integrating it into a local branch of Sip-Communicator for a project which handles the issue that most users don't have a digital certificate signed by a well-known certificate authority. But the MIKEY handling itself and the certificate thing are completely separated and we would definitely be interested in contributing (at least) the MIKEY part into the main source of Sip-Communicator.

Apart from not having completed the integration, I/we would need to work on the issues with BouncyCastle under OSGi, of course checking whether my modifications of existing sources are "right" and probably some other stuff which is going to pop up before any code could be committed.

Regards,

Ingo

--

University of Applied Sciences Northwestern Switzerland

School of Engineering

Institute for Mobile and Distributed Systems

Ingo Bauersachs

BSc FHNW, Scientific Assistant

Steinackerstrasse 5

CH 5210 Brugg-Windisch

www.fhnw.ch/technik