Re: [AVTCORE] Suite B Profile for DTLS-SRTP Internet-Draft
"Igoe, Kevin M." <kmigoe@nsa.gov> Fri, 10 June 2011 15:34 UTC
Thanks for sparing the time to review this. At this late date we'll keep going as an individual submission. With a bit of luck this will be finished before the snow flies.

> -----Original Message-----
> From: Magnus Westerlund [mailto:magnus.westerlund@ericsson.com]
> Sent: Friday, June 10, 2011 11:29 AM
> To: Igoe, Kevin M.
> Cc: Glen Zorn; avt@ietf.org
> Subject: Re: [AVTCORE] Suite B Profile for DTLS-SRTP Internet-Draft
>
> Hi Igor,
>
> I have now actually reviewed your document in a bit more detail. And I
> am sorry for having confused the matter a bit. I didn't quite understand
> the purpose of this document initially. But it is clear to me now that
> your draft doesn't define new components to SRTP.
>
> My understanding is that it really only specifies the DTLS-SRTP
> protection profile and acceptable procedures to meet the suite-B
> requirements when it comes to the DTLS procedures.
>
> Thus I don't think it is necessary for us to have it as a WG item.
> Although I think it would be good that you inform the WG on the progress
> and let us know about any ongoing last calls.
>
> Do you plan to continue to publish this as an individual submission
> directly to the Area Director, or find a WG home for it?
>
> As a suggestion for how to improve the document, I note that you appear
> to be lacking an IANA consideration section. You need such a one to
> request that the 4 specified DTLS-SRTP protection profiles are
> registered.
>
> Best Regards
>
> Magnus
>
> On 2011-06-01 20:58, Igoe, Kevin M. wrote:
> > Our intent wasn't to break new ground by introducing new primitives
> > (GCM and DTLS) into SRTP, but rather to follow in the footsteps of an
> > existing work:
> >
> > For GCM we have:
> > -------------------------------------------------------------------------
> > Network Working Group                                          D. McGrew
> > Internet Draft                                       Cisco Systems, Inc.
> > Intended Status: Informational                          January 26, 2011
> > Expires: July 30, 2011
> >
> >   AES-GCM and AES-CCM Authenticated Encryption in Secure RTP (SRTP)
> >                    draft-ietf-avt-srtp-aes-gcm-01
> >
> > Abstract
> >
> >    This document defines how AES-GCM, AES-CCM, and other Authenticated
> >    Encryption with Associated Data (AEAD) algorithms, can be used to
> >    provide confidentiality and data authentication mechanisms in the
> >    SRTP protocol.
> > -------------------------------------------------------------------------
> > (This had an earlier incarnation as draft-mcgrew-srtp-aes-gcm-01, but this
> > draft eventually expired.)
> >
> > For DTLS we have:
> > -------------------------------------------------------------------------
> > Internet Engineering Task Force (IETF)                         D. McGrew
> > Request for Comments: 5764                                 Cisco Systems
> > Category: Standards Track                                    E. Rescorla
> > ISSN: 2070-1721                                               RTFM, Inc.
> >                                                                 May 2010
> >
> >   Datagram Transport Layer Security (DTLS) Extension to Establish Keys
> >          for the Secure Real-time Transport Protocol (SRTP)
> >
> > Abstract
> >
> >    This document describes a Datagram Transport Layer Security (DTLS)
> >    extension to establish keys for Secure RTP (SRTP) and Secure RTP
> >    Control Protocol (SRTCP) flows. DTLS keying happens on the media
> >    path, independent of any out-of-band signalling channel present.
> > -------------------------------------------------------------------------
> >
> > There is an existing Suite B for TLS (currently undergoing a "bis"):
> > -------------------------------------------------------------------------
> > Network Working Group                                          M. Salter
> > Request for Comments: 5430                      National Security Agency
> > Category: Informational                                      E. Rescorla
> >                                                        Network Resonance
> >                                                               R. Housley
> >                                                           Vigil Security
> >                                                               March 2009
> >
> >          Suite B Profile for Transport Layer Security (TLS)
> >
> > Status of This Memo
> >
> >    This memo provides information for the Internet community. It does
> >    not specify an Internet standard of any kind. Distribution of this
> >    memo is unlimited.
> > -------------------------------------------------------------------------
> >
> > We wish only to show how to put these three documents together to get
> > Suite B for DTLS-SRTP.
> >
> > Do you still think we should go thru avtcore?
>
> --
>
> Magnus Westerlund
>
> ----------------------------------------------------------------------
> Multimedia Technologies, Ericsson Research EAB/TVM
> ----------------------------------------------------------------------
> Ericsson AB                | Phone  +46 10 7148287
> Färögatan 6                | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------