Way back in June 2014, I gave a talk on this topic at the SIP Network Operators Conference (SIPNOC) in Herndon, Virginia. I recorded the audio of the session... but then lost track of the recording. I recently found it and, since much of it is (sadly) still relevant, I decided to release the recording as one of my The Dan York Report audio podcast episodes:
The slides that go with the presentation are available on SlideShare:
Coincidentally, I learned on Facebook over the weekend that my friend Olle Johansson was speaking on this exact topic at the FOSDEM 2016 conference in Brussels this weekend. His slides about SIP & TLS are also available on SlideShare, and he has more recent information - and also the conclusion that we need to use "SIP Outbound" for any of this to work:
Olle's last slide about what we need to do hits on the key points - and I agree with his conclusions.
Let's look at how we can get more TLS used within SIP to bring about a more secure and trusted VoIP infrastructure!