- Where we talk about VoIP, we mean voice, video and IM, and also other solutions that use SIP or Jabber as a foundation (e.g. shared desktop, shared whiteboard)
Just like everything else in FreedomBox, the VoIP solution helps users escape the cloud, keeping contact lists locally, encrypting comms by default, etc
User can host their domain on the FreedomBox (DNS server)
- The same domain(s) and consequently the same email addresses can also be SIP and Jabber addresses
The user can also have external SIP or Jabber accounts, and the FreedomBox can `register' with those external services (e.g. to receive phone calls from regular phones)
- Users should be warned about the lack of privacy if they use legacy-style communications networks, but they shouldn't be prohibited from accessing such things
- The user can use any SIP or Jabber client in their home or elsewhere on the Internet.
The client devices will cache contact lists on the FreedomBox in the usual manner for SIP and Jabber, and so the contact list will appear the same from any client
Can dial regular phone numbers, and if the callee has a FreedomBox, be routed securely
Optional: keeping voicemail messages on FreedomBox
Optional: FXS sockets on the FreedomBox for connection of traditional analog telephones
Optional/more advanced: full multi-user chat/audio/video conferencing server (e.g. SylkServer)
Media stream encryption (SRTP and ZRTP) is typically supported from the client devices and not FreedomBox itself
NAT traversal support: full ICE/STUN/TURN implementation on the FreedomBox
However, if voicemail is required, FreedomBox needs to handle SRTP and ZRTP
- TLS (based on X.509) for setting up SIP and Jabber sessions
Full support for federated VoIP RFCs for both SIP and Jabber
- Some kind of true `peer to peer' mode, such as
- SIP RELOAD for SIP
- Jingle nodes for Jabber
In particular, if the client device (e.g. a desk phone) has no support for Jingle Nodes or RELOAD, the FreedomBox will act as a kind of proxy for p2p communications. The client device will think it is just talking to a normal SIP or Jabber server.
Many of these things can also be implemented in Debian or on an OpenWRT device, so they are not unique to FreedomBox
ejabberd is a fully self-contained Jabber server
- Both TURN servers work with SIP or Jabber clients
- some wrapper/install scripts and maybe web interface needed for setting up the certificates, inserting domain name in config files, etc
- The more communications features that are supported, the more risk of privacy leaks
- e.g. SIP headers contain clues about the user's client device (mobile or desk phone)
- ICE attributes in SDP give clues about the user's local network topology and location
Putting a media proxy (or rtpproxy) on the FreedomBox and forcing all traffic via the proxy is one solution
- However, such solutions involve mangling the SDP, and that leads to ICE failures
Therefore, the FreedomBox might need to be a full SIP B2BUA
- However, such solutions (with a B2BUA) make it harder to do end-to-end PGP authentication of the user identity, as PGP should be used to sign all the contents of the SIP messages
- More exhaustive analysis of VoIP privacy implications:
OpenTelecoms.org aims to encourage VoIP based on open source and open standards
Lumicall aims to provide a convenient and private communications solution for mobile VoIP
Unified Communications on Debian provides a wider overview of VoIP features in Debian
LibrePlanet has a project page for the FSF's high-priority project to provide a viable free replacement for Skype.
WebRTC is a complete free open audio/video communication stack and protocols for the web, designed for web browsers and apps.
Next call: Sunday, October 22nd at 17:00 UTC
Latest news: Stable FreedomBox images - 2017-08-05
This page is copyright its contributors and is licensed under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.