[AVT] Questions on TLS partial encryption applied to RTP and RTCP security encapsulation

Lakshminath Dondeti <ldondeti@qualcomm.com> Mon, 06 March 2006 11:18 UTC

Date: Mon, 06 Mar 2006 02:44:07 +0900
To: ekr@networkresonance.com
From: Lakshminath Dondeti <ldondeti@qualcomm.com>
Cc: avt@ietf.org, Hannes.Tschofenig@siemens.com

Hi Eric,

After reading the partial encryption spec more closely (this is the 
last one in this suite of drafts for me I think :-)), I have more 
questions on using that technique with DTLS for RTP and RTCP security 
encapsulation.   I guess the questions apply to partial encryption in general.

The partial encryption I-D notes that:

    The InitialClearBytes value contains the number of bytes which will
    be in the clear for each application_data record.  This value will
    obtain for the entire life of this association.

That seems to make it difficult for variable length headers to be in 
the clear.  I don't know much about RTP and RTCP, but RTP does allow 
variable number of CSRCs and also optional extension headers.

SRTCP might be ok, although you may need to consider adding an 
explicit packet index as in 3711 in draft-tschofenig-avt-rtp-dtls-00.

Another general question I have is about long RTP/RTCP (or any 
application) packets (e.g., video) and whether partial encryption 
puts restrictions on packet lengths defined elsewhere.  RTCP packets 
can be ~2^16 32-bit words in length, although I am not sure whether 
that is ever the case in practice.  My recollection is that there is 
a 2^14 length restriction on DTLS records; my numbers could be off, though.

I am still trying to piece this all together and looking for 
clarifications.  Thanks in advance.

best regards,
Lakshminath 


_______________________________________________
Audio/Video Transport Working Group
avt@ietf.org
https://www1.ietf.org/mailman/listinfo/avt
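The variable-length-header question in the message above can be made concrete by parsing the RTP header and comparing its real length with a fixed per-association InitialClearBytes. The following is an added example written for this page; it is not code from the partial encryption I-D, from draft-tschofenig-avt-rtp-dtls-00, or from any implementation. The RTP packets are constructed inline, the extension profile identifier 0x1000 is arbitrary, and the 2^14-byte record plaintext limit is the TLS record limit that DTLS inherits (RFC 4346 section 6.2.1, RFC 4347). The RTCP maximum follows from its 16-bit length field, which counts 32-bit words minus one.

```python
import struct

RTP_FIXED_HEADER = 12                # V/P/X/CC/M/PT, sequence, timestamp, SSRC
DTLS_MAX_PLAINTEXT = 2 ** 14         # TLSPlaintext.length limit, inherited by DTLS
RTCP_MAX_PACKET = (0xFFFF + 1) * 4   # 16-bit length field = 32-bit words minus one
EXT_PROFILE = 0x1000                 # arbitrary header-extension profile id (assumption)


def build_rtp(csrcs=(), ext_words=None, payload=b"", pt=96, seq=1, ts=0, ssrc=0x1234):
    """Construct an RTP v2 packet (constructed sample data, not a capture).

    csrcs: tuple of 32-bit CSRC ids; ext_words: tuple of 32-bit extension words or None.
    """
    b0 = 0x80 | (0x10 if ext_words is not None else 0) | (len(csrcs) & 0x0F)
    hdr = struct.pack("!BBHII", b0, pt & 0x7F, seq, ts, ssrc)
    hdr += b"".join(struct.pack("!I", c) for c in csrcs)
    if ext_words is not None:
        hdr += struct.pack("!HH", EXT_PROFILE, len(ext_words))
        hdr += b"".join(struct.pack("!I", w) for w in ext_words)
    return hdr + payload


def rtp_header_len(pkt):
    """Actual RTP header length: fixed part + 4*CC + optional extension (RFC 3550 5.1, 5.3.1)."""
    if len(pkt) < RTP_FIXED_HEADER:
        raise ValueError("short RTP packet")
    b0 = pkt[0]
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    hlen = RTP_FIXED_HEADER + 4 * (b0 & 0x0F)
    if b0 & 0x10:                      # X bit: one 4-byte extension header + N 32-bit words
        if len(pkt) < hlen + 4:
            raise ValueError("truncated extension header")
        ext_len = struct.unpack_from("!H", pkt, hlen + 2)[0]
        hlen += 4 + 4 * ext_len
    if len(pkt) < hlen:
        raise ValueError("truncated header")
    return hlen


def clear_bytes_report(pkt, initial_clear_bytes):
    """Compare a fixed InitialClearBytes with this packet's real header.

    Returns (header_len, payload_bytes_left_in_clear, header_bytes_that_get_encrypted).
    Either of the last two being non-zero is the mismatch the message above asks about.
    """
    hlen = rtp_header_len(pkt)
    clear = min(initial_clear_bytes, len(pkt))
    return hlen, max(0, clear - hlen), max(0, hlen - clear)


def rtcp_packet_len(pkt):
    """Byte length of one RTCP packet from its length field (RFC 3550 6.4.1)."""
    if len(pkt) < 4 or pkt[0] >> 6 != 2:
        raise ValueError("not an RTCP v2 packet")
    return (struct.unpack_from("!H", pkt, 2)[0] + 1) * 4


def fits_one_dtls_record(nbytes):
    """True if an application-data payload of nbytes fits one DTLS record plaintext."""
    return nbytes <= DTLS_MAX_PLAINTEXT


if __name__ == "__main__":
    samples = {
        "no CSRC, no ext": build_rtp(payload=b"\x00" * 160),
        "2 CSRCs": build_rtp(csrcs=(0xAA, 0xBB), payload=b"\x00" * 160),
        "1 CSRC + 2-word ext": build_rtp(csrcs=(0xAA,), ext_words=(1, 2), payload=b"\x00" * 160),
    }
    for icb in (12, 28):
        for name, pkt in samples.items():
            print(f"InitialClearBytes={icb:2d}  {name:20s} -> {clear_bytes_report(pkt, icb)}")
    print("max RTCP packet:", RTCP_MAX_PACKET, "fits one DTLS record:", fits_one_dtls_record(RTCP_MAX_PACKET))
```

With InitialClearBytes fixed at 12, a packet carrying CSRCs or an extension has its trailing header bytes encrypted; fixed at 28, a plain packet leaks the first 16 payload bytes. The last line shows that an RTCP packet at the limit of its length field is far larger than one DTLS record, so any answer to the length question has to say how such packets are fragmented or bounded.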