Hi all, recently the ZRTP has been standardized as RFC6189, because the stopping issue of SRTP with 256bit AES key was a dependency and has been now setup as RFC6188 (i wrote something there http://infosecurity.ch/20110411/rfc-6189-zrtp-is-finally-a-standard/) . Now RFC6188 defining AES-192 and AES-256 for SRTP has been defined (http://tools.ietf.org/html/rfc6188) . The SDP SDES descriptor for AES_CM_256_HMAC_SHA1_32 and AES_CM_256_HMAC_SHA1_80 are already defined and implemented in libsrtp as defined in libsrtp/include/srtp.h (SVN version). In libsrtp SRTP with AES-256 bit it's already in-place and we already provided an integration of libsrtp SRTP with AES-256 for the ZORG (http://www.zrtp.org) ZRTP implementation. I am wondering, are there any plan and/or anyone interested in a bounty to implement SRTP/SDES with AES-256 bit into PJSIP? We would be also happy to provide some financing to implement it within Asterisk 1.8 in order to have an interoperable PJSIP+Asterisk 1.8 RFC6188 SRTP running with AES-256bit . Please contact us if anyone is interested to make such implementation, we can make an opensource bounty for it. Regards, Fabio Pietrosanti
