Watch out - The Norwegian Version

Watch out! The SIP world is changing. Don’t stay in the past.

Olle E. Johansson * [email protected] * Twitter oej
© Copyright Edvina AB, Sollentuna, Sweden 2011. All rights reserved.

Upload: olle-e-johansson

Post on 08-Jul-2015


Page 2: Watch out - The Norwegian Version

Warning. High rate of slides/min...

Page 3: Watch out - The Norwegian Version

Me.

Twitter: @oej, @sipv6, @edvina

Blog: www.voip-forum.com

Page 4: Watch out - The Norwegian Version

Aftenposten today!

Page 5: Watch out - The Norwegian Version

Where are we?

• SIP is ten years old

• Mostly used for PSTN over IP

• Narrowband audio

• Insecure implementations

• Insecure deployments

Page 6: Watch out - The Norwegian Version

BAD!

We can do better. Our customers deserve better.

Page 7: Watch out - The Norwegian Version

WE SHOULD BE ASHAMED!

Page 8: Watch out - The Norwegian Version

The network is changing.

• We have more smart phones, tablets and other devices than PCs. These devices have multimedia - video, audio

• Multimedia is changing - wideband, stereo, 7-1, screen sharing

• The number of users is exploding

Page 9: Watch out - The Norwegian Version

© Copyright 2010, Edvina AB, Sollentuna, Sweden. All rights reserved. Approved distribution only. [email protected]

The network is reaching an end. And a beginning.

• We have no more IPv4 addresses to allocate

• How are we going to build new cloud services, add new devices and build a larger Internet?

• Do you want carrier-grade NATs?

Page 10: Watch out - The Norwegian Version


The network is falling apart.

• We lack a lot of knowledge about networking out there.

• The NAT and firewall devices are just good enough to handle a minimum level of traffic and predetermined applications.

• Customers need to wake up. Otherwise the clouds will be rain clouds with dangerous thunderstorms.

Page 11: Watch out - The Norwegian Version


The network is out of control

There’s no ”inside” and ”outside” any more. If there ever was.

The realtime platform requires better security.

Page 12: Watch out - The Norwegian Version

Good news! There are alternatives

Page 13: Watch out - The Norwegian Version

Skype

Yet another telco monopoly. Only this time, it’s Internet-based.

Page 14: Watch out - The Norwegian Version

Just joking. Let’s take a look at real alternatives.

Page 15: Watch out - The Norwegian Version

Building solutions on Asterisk, Asterisk SCF and FreeSWITCH and...

IP telephony

Old stuff

Page 16: Watch out - The Norwegian Version

[Diagram labels: IP telephony, Chat, Presence, Video, Screen sharing, Games, System integration, Social networks, RSS, ?, SIP, Internet & IP networks]

Page 17: Watch out - The Norwegian Version

Welcome to the realtime Internet.

SIP

Internet & IP networks

The social multimedia network.

Page 18: Watch out - The Norwegian Version

This is not just about telephony.

SIP

Internet & IP networks

Welcome to the realtime Internet.

Page 19: Watch out - The Norwegian Version

What is SIP?

• A protocol to find each other in real time

• A protocol to manage sessions between people

REALTIME

IT’S ALL ABOUT NOW.

Page 20: Watch out - The Norwegian Version

Building this requires a bit more than good old SIP

INVITE

200 OK

ACK

Page 21: Watch out - The Norwegian Version

Learn new things.

ICE

SIP outbound

GRUU

TLS

GIN - pbx registrations

SIP identity

RTP multiplexing

MSRP

WebRTC

Page 22: Watch out - The Norwegian Version

The new kid on the block

• Cooperation between the W3C and IETF

• Bidirectional media between browsers

• Audio, video, text

• The platform for new services

• SIP in the browser (listen to Iñaki!)

WebRTC

Page 23: Watch out - The Norwegian Version

The vision

• An open service where we can communicate freely with each other from any device and any network

• First wave probably just between users of the same web service

• Many of us want open federation - it requires a shared address space and protocol

WebRTC

Page 24: Watch out - The Norwegian Version

Dependencies

• The architecture is still being discussed

• Will probably depend on ICE, which means dependencies on TURN/STUN as well

• OverSIP and jsSIP presented here today are a good example of the future!

WebRTC

Page 25: Watch out - The Norwegian Version

WebRTC

+

• Platform for new cool applications

• Built into the web browser

• Security-enabled from start

-

• We’ll still have NAT and firewall issues

• Will it be standardized enough?

• Will we need SBCs to handle the connections?

Page 26: Watch out - The Norwegian Version

ICE

Taking us out of the NAT darkness.

ICE

Page 27: Watch out - The Norwegian Version

ICE: Show me yours, and I’ll show you mine.

[Diagram labels: SIP, NATted network, NATted network, Alice, Bob, Cecilia, SIP, Media relay, TURN]

• All UAs find all their addresses, using STUN

• May allocate an address using TURN

• Sends all addresses as candidates in SDP

• Recipient tries to contact addresses and selects the best media path

• Supports both IPv4 and IPv6

• IPv6 UAs allocate an IPv4 TURN address

ICE
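An added example (not from the slides) of the candidate exchange outlined above: it parses the `a=candidate` lines of two constructed SDP bodies, applies the RFC 8445 priority formulas, and orders the candidate pairs an agent would check. The addresses, ports and function names are assumptions made for illustration.

```python
import ipaddress

# RFC 8445 recommended type preferences (higher is preferred).
TYPE_PREF = {"host": 126, "prflx": 110, "srflx": 100, "relay": 0}

# Constructed SDP fragments (documentation/private addresses, not from the slides).
ALICE_SDP = """\
a=candidate:1 1 UDP 2130706431 2001:db8::10 5000 typ host
a=candidate:2 1 UDP 2130706175 192.168.1.10 5000 typ host
a=candidate:3 1 UDP 1694498815 203.0.113.5 62000 typ srflx raddr 192.168.1.10 rport 5000
a=candidate:4 1 UDP 16777215 198.51.100.1 49152 typ relay raddr 203.0.113.5 rport 62000
"""
BOB_SDP = """\
a=candidate:1 1 UDP 2130706431 10.0.0.20 6000 typ host
a=candidate:2 1 UDP 1694498815 198.51.100.20 63000 typ srflx raddr 10.0.0.20 rport 6000
a=candidate:3 1 UDP 16777215 198.51.100.1 49160 typ relay raddr 198.51.100.20 rport 63000
"""

def parse_candidates(sdp):
    """Parse the a=candidate lines of an SDP body into dicts."""
    out = []
    for line in sdp.splitlines():
        if line.startswith("a=candidate:"):
            f = line.split(":", 1)[1].split()
            out.append({"component": int(f[1]), "priority": int(f[3]),
                        "addr": f[4], "port": int(f[5]), "type": f[7]})
    return out

def candidate_priority(cand_type, component, local_pref=65535):
    """2^24 * type preference + 2^8 * local preference + (256 - component ID)."""
    return (TYPE_PREF[cand_type] << 24) + (local_pref << 8) + (256 - component)

def pair_priority(g, d):
    """g: controlling agent's candidate priority, d: controlled agent's."""
    return (min(g, d) << 32) + 2 * max(g, d) + (1 if g > d else 0)

def checklist(local_sdp, remote_sdp):
    """Pair candidates of equal component and IP version, highest priority first."""
    pairs = []
    for lc in parse_candidates(local_sdp):
        for rc in parse_candidates(remote_sdp):
            same_family = (ipaddress.ip_address(lc["addr"]).version
                           == ipaddress.ip_address(rc["addr"]).version)
            if lc["component"] == rc["component"] and same_family:
                pairs.append((pair_priority(lc["priority"], rc["priority"]), lc, rc))
    return sorted(pairs, key=lambda p: p[0], reverse=True)
```

Alice's IPv6 host candidate forms no pair because Bob offers only IPv4 candidates, which is why the slide has IPv6 UAs allocate an IPv4 TURN address. The sorted list is only the order in which connectivity checks are attempted; the media path is chosen from the pairs that actually pass.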

Page 28: Watch out - The Norwegian Version

ICE

+

• Finds the best media path between two nodes

• Supports IPv4 and IPv6 deployments

• Binds SIP+SDP to actual media

• Used by Microsoft, Apple (FaceTime), Google Hangouts

-

• Takes time at call setup

• Hard for b2bua’s to support

• Complex for developers

Page 29: Watch out - The Norwegian Version

Globally Routable device addresses

[Diagram labels: SIP, NATted network, Alice, Bob, Bob, SIP, SIP, Example.com, astritech.com]

The AOR for Alice and Bob belongs to their proxy. Bob has one AOR for multiple UAs.

The GRUU points to a device. It is allocated at registration and belongs to the domain, thus can be used globally!

Builds on SIP outbound UUID URNs.

GRUU

Page 30: Watch out - The Norwegian Version

Device URIs

+

• Makes transfers and other SIP in-dialog functions work across domains

• A Contact without IPv4/IPv6 dependencies

• Opens up for multi-device calls (SPLICES)

-

• Complex RFC

• Adds a bit of complexity to the UA

GRUU

Page 31: Watch out - The Norwegian Version

RFC 4474 - SIP identity

• A domain implements an authentication service that signs an identity on outbound messages

• Users identify themselves to domain server (proxy) by other means (Digest, TLS)

• Signs the From: URI (AOR)

[Diagram labels: AUDIO, SIP, Local, Local, SIP Identity, SIP HTTP auth or TLS auth]

IDENTITY
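An added example (not from the slides or from any SIP stack) showing what an RFC 4474 signature covers: it builds the digest-string, the input to the RSA-SHA1 signature carried in the Identity header, from a constructed INVITE and reports whether a given change to the message would invalidate that signature. The message, host names and function names are illustrative assumptions.

```python
import re

# Constructed sample INVITE (names and hosts are illustrative, not from the slides).
INVITE = (
    "INVITE sip:bob@astritech.com SIP/2.0\r\n"
    "Via: SIP/2.0/TLS pc33.example.com;branch=z9hG4bKnashds8\r\n"
    "To: Bob <sip:bob@astritech.com>\r\n"
    "From: Alice <sip:alice@example.com>;tag=1928301774\r\n"
    "Call-ID: a84b4c76e66710\r\n"
    "CSeq: 314159 INVITE\r\n"
    "Date: Thu, 21 Feb 2002 13:02:03 GMT\r\n"
    "Contact: <sip:alice@pc33.example.com>\r\n"
    "\r\n"
    "v=0\r\n"
)

def addr_spec(value):
    """Return the bare URI of a From/To/Contact value (no display name or params)."""
    m = re.search(r"<([^>]+)>", value)
    return m.group(1) if m else value.split(";")[0].strip()

def digest_string(message):
    """Build the RFC 4474 digest-string that the authentication service signs:
    From URI | To URI | Call-ID | CSeq | Date | Contact URI | body."""
    head, _, body = message.partition("\r\n\r\n")
    hdr = {}
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        hdr.setdefault(name.strip().lower(), value.strip())
    parts = [addr_spec(hdr["from"]), addr_spec(hdr["to"]), hdr["call-id"],
             hdr["cseq"], hdr["date"], addr_spec(hdr.get("contact", "")), body]
    return "|".join(parts)

def covered(original, tampered):
    """True if the change alters the signed string, i.e. breaks the signature."""
    return digest_string(original) != digest_string(tampered)
```

The display name in From is outside the signed string, so a verifier should present the signed URI, not the display name, as the authenticated identity.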

Page 32: Watch out - The Norwegian Version

Can this be connected to federated identity?

• Shibboleth/SAML 2.0/FEIDE

• Draft exists, but no progress. Needs work.

• OpenID

• OAuth

IDENTITY

Page 33: Watch out - The Norwegian Version

SIP identity

+

• Enables trust of identities between domains

• Adds integrity check of SIP messages

• Together with TLS for connections, part of trust platform for an open federation

-

• Complex RFC

• PKI is always complicated

• Not many implementations, thus very few tests of interoperability

IDENTITY

Page 34: Watch out - The Norwegian Version

What’s missing?

Proper solution for TLS and a PKI.

Implementations of DTLS SRTP key exchange

End to end security.

Management of security and configurations.

Customers with the guts to do something different.

Page 35: Watch out - The Norwegian Version

The next generation realtime network.

• We’ve learned a lot in 10 years of SIP.

• Why haven’t the IP phones changed?

• New models coming - see Goji for smartphones, Skycall on Norwegian and Panasonic Android SIP phones

Page 36: Watch out - The Norwegian Version

Ask yourselves the important question.

Have you become one of the old PBX-huggers?

The ones that just don’t let go.

Why don’t mobile office solutions have blinking lamps and all that stuff?

Page 37: Watch out - The Norwegian Version

Summary

• IETF realized that NAT is a big issue and developed GRUU, ICE and Outbound. Use them.

• For security, there’s TLS, S/MIME and SIP/Identity

• A properly designed SIP architecture can handle much more than telephony.

• Look at Skype, Microsoft Lync and AG Projects product suite for inspiration.

• Only the last company in the list is using open standards!

Page 38: Watch out - The Norwegian Version

REALTIME

IT’S ALL ABOUT NOW.

Page 39: Watch out - The Norwegian Version

10 bullet points to remember!

The road ahead:

OPEN UNIFIED COMMUNICATION

ACCORDING TO EDVINA

Page 40: Watch out - The Norwegian Version

© Copyright 2012, Edvina AB, Sollentuna, Sweden. All rights reserved. Approved distribution only. [email protected]

1. Use Open Network Protocols

TCP/IP * SIP * XMPP

Page 41: Watch out - The Norwegian Version

2. Use Open Source

COOPERATIVE SOFTWARE

Page 42: Watch out - The Norwegian Version

3. Use e-mail style addresses.

One address that rules them all!

@

Page 43: Watch out - The Norwegian Version

4. Implement with Integrity and Security

BUILDING TRUST FOR NEW SOLUTIONS

Page 44: Watch out - The Norwegian Version

5. Implement green anti-travel solutions

VIDEO IS IMPORTANT.

Page 45: Watch out - The Norwegian Version

6. Corporate Social Responsibility

OPEN SOURCE = AVAILABILITY FOR THE 3RD WORLD

Building and connecting to a network for everyone.

Page 46: Watch out - The Norwegian Version

7. Everything is and should be building blocks

EVERYTHING SHOULD HAVE AN OPEN API

Page 47: Watch out - The Norwegian Version

8. Don’t disconnect from the world.

IPv6 NOW

Page 48: Watch out - The Norwegian Version

9. Don’t wait for demand

Deliver services to your users.

Page 49: Watch out - The Norwegian Version

10. Think different.

The new telephony platform is not about telephony.

Page 50: Watch out - The Norwegian Version

REALTIME

IT’S ALL ABOUT NOW.

Page 51: Watch out - The Norwegian Version

...and for these ideas to come true, you’ll need...

Page 52: Watch out - The Norwegian Version

Slides available soon on slideshare.net/oej

Thank you! Any questions?

Twitter: @oej - the rest [email protected]