Re: [AVTCORE] Defined by RTP profile ids for encrypted header extensions
Justin Uberti <juberti@google.com> Thu, 30 July 2020 23:23 UTC
Return-Path: <juberti@google.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 127893A124D for <avt@ietfa.amsl.com>; Thu, 30 Jul 2020 16:23:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TOo8RqVKlPd8 for <avt@ietfa.amsl.com>; Thu, 30 Jul 2020 16:23:12 -0700 (PDT)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57BC43A124B for <avt@ietf.org>; Thu, 30 Jul 2020 16:23:12 -0700 (PDT)
Received: by mail-io1-xd31.google.com with SMTP id l1so29976188ioh.5 for <avt@ietf.org>; Thu, 30 Jul 2020 16:23:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oISR8wyAtdiZsudkG2X7/uStvg25LLrVzoG2ZCNIK6w=; b=Nsrzn6BWkLH2KzbfMKLzBbU4qMRVCIScpJG/xa3zywc1/SxbafQrXWZfKIsbPX0mcU 12SwP12sB35oyb4sU+QFozRAlEqXkkB7dVftjIwJuYiY8YbIznAn4Rzu5Lr7kPa60vg6 UMaPTMkgvshfnJMzJmyXZukdJVnS4K2XdSUYNjzllvfrH6M4k/WkF7ZDvkd4eoByW+zw /jOuu3TbGN7/2hQXU+78xQMyB3OgHsoMS7KzQtNv/jqapLcV2gFgwwMsTgKVija5dLTg RDNCnMXpMROeSrQcl8m84vWJy4RAssEcPPy6e8Gct3tkD15OGcRtwwV35+Cy457zkX2j KRVw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oISR8wyAtdiZsudkG2X7/uStvg25LLrVzoG2ZCNIK6w=; b=T5f4V+SkF9AOspApbJeVQaNnT8BiUvBgeczCauAkFazdYK5RNRaTrOyAfa/pZRaEF1 l4xAcA8TouR12eQRS/QuUCmlyD6tOU7KPuS19ZLx+WhQS9L9jT1i6lvJpCy8qzAUf8rj d+8k+g7O6EXpRq3F9qVUW+mujZL8HZsjZdMC9NpZ2N1bNo0uLMZIlTV/lDGvGsQfohOb qEwVOnf7bJMXD1ZRqFGOBIYHhfeXYU1QN/TRgPeqUPv57dvF02DwuIgcvSRK9UT7+i9x c/7sv1GdCKJyPBqLUltkKB6QgztpB4BZBqEpOt6sav9FnXe0qD9HxYm1iYeE2QNZxaLS pEhg==
X-Gm-Message-State: AOAM531Mx9etvWLLJ5SiYaWvFlxjhTnvoc6krwy88nLASXpw2aiuQdGR UlEEzSEcttWVMbQJ7T0O4D/E2N0qCsRgy8tAd4B56w==
X-Google-Smtp-Source: ABdhPJwOwR0pnGbmcqmHdBJ3lrxQN73cbv6nAZr53R5Js5vkxvQRX4TCm/zm4DW9b2SyC+BNQ19wA8MUkxXYoXDgWC4=
X-Received: by 2002:a6b:da07:: with SMTP id x7mr1006979iob.6.1596151391180; Thu, 30 Jul 2020 16:23:11 -0700 (PDT)
MIME-Version: 1.0
References: <75f257b1-c131-1e83-4c90-03f980466303@gmail.com>
In-Reply-To: <75f257b1-c131-1e83-4c90-03f980466303@gmail.com>
From: Justin Uberti <juberti@google.com>
Date: Thu, 30 Jul 2020 16:22:58 -0700
Message-ID: <CAOJ7v-0oE=KxGfu+dv0bgxwCOzX1=LfsL2zULJYBSbW6GmkDNA@mail.gmail.com>
To: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Cc: avt@ietf.org
Content-Type: multipart/alternative; boundary="000000000000ae545705abb0f46a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/wspNRczOQksfbmK1q1IxNi3u3Tc>
Subject: Re: [AVTCORE] Defined by RTP profile ids for encrypted header extensions
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2020 23:23:14 -0000
For id 256, this is news to me too. 4 bits isn't a lot of room, but if we widened this to 8 bits you could stick ssrc-audio-level in here, saving two bytes per packet. So the options become: 1a) forbid 1b) leave as-is, but encrypt 1c) widen and encrypt I would go with either 1a) or 1c). 1c) would still need to fall back to a typical extension when not encrypting. (Do we know why this field was historicaly chosen to be 4 bits?) Regarding id, I'm open to the simplicity argument that you make, although there's also some value in having a value that's immediately obvious from a Wireshark trace (0xC0DE, 0xC0D2). I think I'd lean more toward the numeric approach if we went with something like 1c). On Thu, Jul 30, 2020 at 3:55 PM Sergio Garcia Murillo < sergio.garcia.murillo@gmail.com> wrote: > Hi all, > > Not sure if we got to a consensus regarding the need to introduce new > defined by profile ids for being able to tell if an incoming packet is > using the new encryption scheme to protect the csrcs and the rtp headers or > not. > > I think we should, but in that case we need to specify two different > profiles ids, one for the encrypted one byte header extension and another > different one for the 2 bytes one. I have some doubts regarding what to do > with the appbits of the 2 byte header extension profile id: > > 0 1 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | 0x100 |appbits| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > > If I have read the rfc correctly (never understood their meaning until > today), it is reserved for carrying the value of the header extension with > id 256. This would mean that the appbits for extension 256 are sent > unencrypted with the new approach if we keep this format. Probably the best > would be to forbid the usage of extension 256 if cryptex is signaled. > > Regarding, ids values, I love 0xC0DE for 1 byte extensions, but not sure > if it would be better to be consistent and use 0x1010 for 1 byte encrypted > extensions and 0x1020 for two byte encrypted extensions. > > Best regard > > Sergio > > _______________________________________________ > Audio/Video Transport Core Maintenance > avt@ietf.org > https://www.ietf.org/mailman/listinfo/avt >
- [AVTCORE] Defined by RTP profile ids for encrypte… Sergio Garcia Murillo
- Re: [AVTCORE] Defined by RTP profile ids for encr… Justin Uberti
- Re: [AVTCORE] Defined by RTP profile ids for encr… Sergio Garcia Murillo
- Re: [AVTCORE] Defined by RTP profile ids for encr… Justin Uberti