Since I started doing VoIP related work full time I am finding I have less time and energy to grind forward on certain… shall I say nagging aspects of VoIP in general. In particular TLS and SRTP. Sure, I was able do to the tutorial and get Blink to work with Asterisk 1.8.X ( a tip is that if you are using the FreePBX Distro - you may need to grab Asterisk and untar it to run the script - https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial )
While I did the tutorial, I also started looking at X-Lite, Bria, etc… Snom, Polycom, and Aastra IP Phones and how one might extrapolate.
Naturally they are vary slightly in how they access and/or store keys for encryption.
Next problem is we often weave several Asterisk/FreePBX systems and so the real picture is several CentOS boxes and VoIP Devices. This reads as a key management issue followed by a vendor specific key storage and retrieval issue.
So, what is the point of all this diatribe you might ask ?
I need help.
Perhaps a few pointers in adopting MIKEY on CentOS > http://www.scribd.com/doc/52374665/90/Key-Management-for-SRTP-–-MIKEY
And/or if anyone has contacted Aastra and worked out the key access for the 67XX series of phones ?
For now I am just going to continue to mess with Blink keep after Aastra ( tempted to try Snom 1st) and muddle forward.
If we can put together some working procedures surrounding TLS / SRTP it would be a good thing.