Re: [AVTCORE] RTP Header Extension Encryption
Harald Alvestrand <harald@alvestrand.no> Wed, 16 September 2020 10:33 UTC
Return-Path: <harald@alvestrand.no>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3ED63A0FA3 for <avt@ietfa.amsl.com>; Wed, 16 Sep 2020 03:33:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KDt-ULJoWFqX for <avt@ietfa.amsl.com>; Wed, 16 Sep 2020 03:33:43 -0700 (PDT)
Received: from mork.alvestrand.no (mork.alvestrand.no [158.38.152.117]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 552813A0FA1 for <avt@ietf.org>; Wed, 16 Sep 2020 03:33:36 -0700 (PDT)
Received: from [192.168.3.157] (unknown [188.113.93.42]) by mork.alvestrand.no (Postfix) with ESMTPSA id 38E1F7C5D7B for <avt@ietf.org>; Wed, 16 Sep 2020 12:33:35 +0200 (CEST)
To: avt@ietf.org
References: <CAOW+2dvo8z422LFeP5S652bq8RkF-SKhik=aXYXpTe9zqBX5yw@mail.gmail.com> <CAOW+2dt_A+A1AVnTUQyB4sTG5hMCv7Gf3-rrBB89LR-oacX=Rg@mail.gmail.com> <c390c256-3b4f-5c4d-0e2f-a784acec663c@alum.mit.edu> <CAOW+2dvAJSvAZmwNdYyGASj8Y5dptt8L6B9YrU3RMNrwP2ShGA@mail.gmail.com> <e94134bc-e411-1bdb-44cf-3cdf34f38044@alum.mit.edu> <a94e06f512bea37100179f6601df363ef9ad207e.camel@ericsson.com>
From: Harald Alvestrand <harald@alvestrand.no>
Message-ID: <db1eb25e-a9ca-7005-a547-bd0ac9d67b4b@alvestrand.no>
Date: Wed, 16 Sep 2020 12:33:34 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0
MIME-Version: 1.0
In-Reply-To: <a94e06f512bea37100179f6601df363ef9ad207e.camel@ericsson.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/H2P65FOqSkzOLgt7dXH-HCyZi9I>
Subject: Re: [AVTCORE] RTP Header Extension Encryption
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2020 10:33:45 -0000
On 9/14/20 9:41 AM, Magnus Westerlund wrote: > On Fri, 2020-09-11 at 15:48 -0400, Paul Kyzivat wrote: >> On 9/11/20 3:00 PM, Bernard Aboba wrote: >>> Paul said: >>> >>> "Can you please clarify the scope for which you want the encryption to be >>> consistent? Above you variously mention all MIDs and all m-lines. I'm >>> concerned with what "all" applies to. >>> >>> I think I can agree if you are talking about "all within a bundle >>> group". Anything broader has major problems." >>> >>> [BA] Thanks for pointing this out. >>> >>> Mixing unencrypted and encrypted RTP header extensions within a bundle >>> group is problematic because all of the RTP packets arrive on the same >>> port, and the receiver needs to know the MID (which could be encrypted) >>> in order to figure out which packets should have encrypted and >>> unencrypted RTP header extensions. But if you have different bundle >>> groups, then it is possible for each group to have different settings >>> (e.g. encrypted RTP header extensions on one group and unencrypted RTP >>> header extensions on another bundle group) without that problem >>> arising. So this is an argument only for consistency within each bundle >>> group, not for requiring all bundle groups to have the same setting. >> I'm feeling we need a new term here. It has to cover a bundle group as >> well as a single media-description that isn't bundled. Is there a term >> for this within the RTP vocabulary? >> >> > The term in the RTP vocabulary that makes sense are to have header encryption > configuration be applied on the RTP session. > > A boundle group will be one RTP session as they share BUNDLE Transport > parameters. I think this is wrong. An RTP session can cover multiple transports (and will, if you don't use BUNDLE). > > > Cheers > > Magnus Westerlund > > > ---------------------------------------------------------------------- > Networks, Ericsson Research > ---------------------------------------------------------------------- > Ericsson AB | Phone +46 10 7148287 > Torshamnsgatan 23 | Mobile +46 73 0949079 > SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com > ---------------------------------------------------------------------- > > > _______________________________________________ > Audio/Video Transport Core Maintenance > avt@ietf.org > https://www.ietf.org/mailman/listinfo/avt
- [AVTCORE] RTP Header Extension Encryption Bernard Aboba
- Re: [AVTCORE] RTP Header Extension Encryption Bernard Aboba
- Re: [AVTCORE] RTP Header Extension Encryption Sergio Garcia Murillo
- Re: [AVTCORE] RTP Header Extension Encryption Bernard Aboba
- Re: [AVTCORE] RTP Header Extension Encryption Sergio Garcia Murillo
- Re: [AVTCORE] RTP Header Extension Encryption Paul Kyzivat
- Re: [AVTCORE] RTP Header Extension Encryption Bernard Aboba
- Re: [AVTCORE] RTP Header Extension Encryption Paul Kyzivat
- Re: [AVTCORE] RTP Header Extension Encryption Magnus Westerlund
- Re: [AVTCORE] RTP Header Extension Encryption Harald Alvestrand
- Re: [AVTCORE] RTP Header Extension Encryption Harald Alvestrand
- Re: [AVTCORE] RTP Header Extension Encryption Magnus Westerlund
- Re: [AVTCORE] RTP Header Extension Encryption Magnus Westerlund
- Re: [AVTCORE] RTP Header Extension Encryption Harald Alvestrand
- Re: [AVTCORE] RTP Header Extension Encryption Paul Kyzivat