Re: [AVTCORE] I-D Action: draft-ietf-avt-srtp-not-mandatory-11.txt

Magnus Westerlund <> Mon, 26 November 2012 08:08 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A103021F85C5 for <>; Mon, 26 Nov 2012 00:08:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -106.249
X-Spam-Status: No, score=-106.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id JaV2yfcNY61G for <>; Mon, 26 Nov 2012 00:08:05 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 52FEC21F85B1 for <>; Mon, 26 Nov 2012 00:08:04 -0800 (PST)
X-AuditID: c1b4fb2d-b7f1e6d000002d2c-4b-50b323636f56
Received: from (Unknown_Domain []) by (Symantec Mail Security) with SMTP id 9E.C0.11564.36323B05; Mon, 26 Nov 2012 09:08:04 +0100 (CET)
Received: from [] ( by ( with Microsoft SMTP Server id; Mon, 26 Nov 2012 09:08:04 +0100
Message-ID: <>
Date: Mon, 26 Nov 2012 09:08:02 +0100
From: Magnus Westerlund <>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Harald Alvestrand <>
References: <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.4.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFuplluLIzCtJLcpLzFFi42KZGfG3RjdFeXOAwWNZi5c9K9ktjvV1sTkw eVyZcIXVY8mSn0wBTFFcNimpOZllqUX6dglcGf+uzmYpeCNQMWmLUgPjAd4uRk4OCQETiatT vzBC2GISF+6tZ+ti5OIQEjjJKLG1/RczhLOcUeJf02amLkYODl4BbYmH36xAGlgEVCUu/P7G BmKzCVhI3PzRCGaLCvhKzNrziwnE5hUQlDg58wkLiC0ioCPxcH8DWJxZQEDi/9pmdhBbWMBb YkbHAmYQW0hgGqPE/QZukFWcAroSJ7/YQtwmKbFoWicLRKuexJSrLYwQtrxE89bZUK3aEg1N HawTGIVmIdk8C0nLLCQtCxiZVzGy5yZm5qSXG25iBAbpwS2/dXcwnjoncohRmoNFSZyXK2m/ v5BAemJJanZqakFqUXxRaU5q8SFGJg5OqQZG7hzFPVsrZh+4vExyZ9qDa9G+JcdzNPPL2J4b 2N75NuVTj7uIi0fOmi19BvF/ctzTA75fnNUZLya1pONTkXJ6+ise2wJVS8Zvv90Wil75KCf9 PeTmimU9nZY7F97da6c6rUSO+7hs6V3plToTi3Xe7FH/wc93fm/4yai6F5Y1n8411qTsTWJW YinOSDTUYi4qTgQAN7ZI3SACAAA=
Subject: Re: [AVTCORE] I-D Action: draft-ietf-avt-srtp-not-mandatory-11.txt
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 26 Nov 2012 08:08:06 -0000

Hi Harald,

On 2012-11-25 00:46, Harald Alvestrand wrote:
> On 11/19/2012 11:59 PM, Colin Perkins wrote:

> One thing I did not understand about the new section 6 ....
> It describes RTP/AVPF as a profile that is an example of where a single
> security mechanism is not reasonable to mandate, because it's used in
> many other contexts.
> I think that's OK - but isn't it true that RTP/AVPF *disallows* the use
> of SRTP, since it would then be RTP/SAVPF?
> This can be confusing to the reader - it may be clearer if one mentions
> explicitly that the RTP/AVPF, which is a set of building blocks that
> don't need a security mandate, is used to build RTP/SAVPF, which *is* a
> security mandate.
> Or am I the one confused?

I guess you are getting tripped up on this sentence:

   In other cases, though,
   an RTP profile is applicable to such a wide range of applications
   that it would not make sense for that profile to mandate particular
   security building blocks be used (the RTP/AVPF profile [RFC4585] is
   an example of this type of RTP profile, since it provides building
   blocks that can be used in different styles of application).

This is an example why RTP profiles, independent of which profile it may
be is not the appropriate level of putting in the mandatory to implement
security solution alternative. And frankly SAVPF and SAVP is only half a
security mandate, they lack key-management and without a mandatory to
implement key-management solution they do not specify a MTI security

And if I count correctly in draft-ietf-avtcore-rtp-security-options
there are at least 11 options for keying SRTP.


Magnus Westerlund

Multimedia Technologies, Ericsson Research EAB/TVM
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: