Re: [AVTCORE] [EXTERNAL] Re: Registering AVP Profiles for RTP over QUIC

"Asveren, Tolga" <tasveren@rbbn.com> Sun, 15 May 2022 20:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/a2V__5B3mEjE2wGT-yfxhMghat0>

Maybe a somewhat different perspective on this whole issue:

  *   "SAVP" stands for "Secure AVP Profile" and refers to the use of SRTP
     *   So, arguably it should be signaled only if SRTP is to be used
  *   With QUIC -or with UDP/DTLS- there is no need for SRTP from a hop-to-hop security perspective
  *   How to signal middleboxes that SRTP has to be used for their downstream media legs as well
     *   Does "SAVP" actually mean that?
     *   I would argue that technically not and the final outcome is left to the interpretation/configuration of the middlebox
  *   Is it useful -and sometimes even needed- to signal that the media stream needs to be secured across the whole path?
     *   Probably and arguably this should be signaled in an explicit way in SDP



Thanks,

Tolga

-----Original Message-----
From: avt <avt-bounces@ietf.org> On Behalf Of Martin Thomson
Sent: Wednesday, May 11, 2022 9:19 PM
To: avt@ietf.org
Subject: [EXTERNAL] Re: [AVTCORE] Registering AVP Profiles for RTP over QUIC



Hi Roman,

I've always considered QUIC-SRTP to be a viable alternative to DTLS-SRTP.  The challenge there is that it is not specified as possible.

I think that people here are looking to pick up more of the advantages of QUIC though.  That is, even if that means losing some of the advantages of existing stuff as SCTP <-> QUIC is not a seamless transition and SRTP/QUIC has some interesting properties.


On Thu, May 12, 2022, at 11:15, Roman Shpount wrote:
> Hi Spencer,
>
> I was thinking not about using QUIC to transport RTP, just to
> negotiate the encryption keys and protocol. Once keys and protocol are
> negotiated, SRTP-over-UDP sends the packets. SRTP/SRTCP packets are
> demultiplexed from QUIC, and both protocols run side-by-side. This
> means none of the QUIC encryption, NACK, congestion control, etc., is
> used for media. It is an exact equivalent of DTLS-SRTP with QUIC being
> used instead of DTLS to negotiate keys.
>
> Even if this draft does not cover such a set-up, I think it is a
> viable network configuration. Whatever protocol name you will come up
> with, it should be possible to differentiate media over QUIC vs. key
> negotiation over QUIC.
> _____________
> Roman Shpount
>
>
> On Wed, May 11, 2022 at 6:41 PM Spencer Dawkins at IETF
> <spencerdawkins.ietf@gmail.com> wrote:
>> Hi, Roman,
>>
>> On Wed, May 11, 2022 at 4:12 PM Roman Shpount <roman@telurix.com> wrote:
>>> What about using QUIC for encryption session setup and SRTP for sending media, similar to DTLS-SRTP? This can be the easiest option to implement.
>>
>> I'm not aware of a way to stop encryption in RFC 9000 QUIC, which is using RFC 9001 TLS for key exchange, etc, in favor of an application-level encryption mechanism. This has come up a number of times in conversations with 3GPP, who also wanted to avoid duplicate encryption (details don't matter, at this point), and the IETF has always said they wouldn't provide that.
>>
>> But maybe something has changed?
>>
>> Best,
>>
>> Spencer
>>
>>> Best,
>>> _____________
>>> Roman Shpount
>>>
>>>
>>> On Wed, May 11, 2022 at 4:47 PM Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> wrote:
>>>> Dear AVTCORE,
>>>>
>>>> I've had an open PR in https://clicktime.symantec.com/3TSmRngAhdKrRbCSwZPQ3HA6H4?u=https%3A%2F%2Fgithub.com%2FSpencerDawkins%2Fsdp-rtp-quic%2Fpull%2F9 for a while, so I could get a sense of how AVT profiles are supposed to work, and I'd like to push on that now (with a virtual interim meeting coming up next week).
>>>>
>>>> The high-level summary of discussion in https://clicktime.symantec.com/3R2yBz2ZCbhWMW3QYKvVfK26H4?u=https%3A%2F%2Fgithub.com%2FSpencerDawkins%2Fsdp-rtp-quic-issues%2Fissues%2F5 (note that this discussion is in a different repo, because reasons) has been roughly, "what's the difference between QUIC/RTP/AVPF and QUIC/RTP/SAVPF"?
>>>>
>>>> The arguments about not registering secure AVP profiles involve
>>>>  * the computational overhead of double encryption for all packets, plus
>>>>  * the payload overhead of 10 bytes per packet since you have 2 HMACs.
>>>> The arguments about registering secure AVP profiles seem to revolve around
>>>>  * Minimizing the impact of added QUIC support in existing implementations that are using /RTP/SAVPF now.
>>>>  * QUIC encryption protects payloads between QUIC endpoints, but there are many multi-endpoint RTP topologies (https://clicktime.symantec.com/37MgqdQA3JHTWFiLP2243MF6H4?u=https%3A%2F%2Fwww.rfc-editor.org%2Frfc%2Frfc7667 has about 50 pages of them), and when a middlebox receives QUIC/RTP/AVPF, it's not obvious whether the middlebox should
>>>>    * forward the RTP payload using RTP/AVPF (where the outgoing AVPF matches the incoming AVPF), or
>>>>    * forward the RTP payload using RTP/SAVPF, where the outgoing SRTP encryption matches the incoming QUIC
>>>> It seems to me that there are three choices:
>>>>  * Use only QUIC/RTP/AVPF, and require middleboxes receiving QUIC/RTP/AVPF traffic to always forward that traffic over RTP/SAVPF
>>>>  * Use only QUIC/RTP/AVPF, and require senders to signal middleboxes whether they should forward that traffic over RTP/AVPF or RTP/SAVPF
>>>>  * Register both QUIC/RTP/AVPF and QUIC/RTP/SAVPF, and if you have to do double encryption on the QUIC/RTP paths to get RTP/SAVPF on the other side of a middlebox, too bad
>>>> So, my questions are,
>>>>  * What am I missing here?
>>>>  * Are any of the choices I'm listing obviously the *BEST* choice?
>>>> Best,
>>>>
>>>> Spencer
>>>> _______________________________________________
>>>> Audio/Video Transport Core Maintenance avt@ietf.org
>>>> https://clicktime.symantec.com/3CNt68QCPT58CV457HLugmp6H4?u=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Favt

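Added example (not from the thread or from any draft): the three middlebox choices listed in the quoted message, and the explicit whole-path signal suggested in the reply, modeled in Python so the cases where a QUIC-protected leg would continue downstream as plain RTP can be checked. The attribute a=x-media-security:end-to-end and the option names are hypothetical, and the SDP offers are constructed samples.

```python
# Added illustration, not code from the thread or any draft.
# Hypothetical SDP attribute standing in for an explicit "secure the whole
# path" signal; it is not a registered attribute.
E2E_ATTR = "a=x-media-security:end-to-end"

# Constructed sample offers using the proto values discussed in the thread.
OFFER_AVPF = "v=0\r\nm=audio 4433 QUIC/RTP/AVPF 96\r\na=rtpmap:96 opus/48000/2\r\n"
OFFER_AVPF_E2E = OFFER_AVPF + E2E_ATTR + "\r\n"
OFFER_SAVPF = OFFER_AVPF.replace("/AVPF", "/SAVPF")

def parse_media(sdp):
    """Return one dict per m= section: media type, proto, and its a= lines."""
    sections = []
    for line in sdp.splitlines():
        if line.startswith("m="):
            media, _port, proto = line[2:].split()[:3]
            sections.append({"media": media, "proto": proto, "attrs": []})
        elif line.startswith("a=") and sections:
            sections[-1]["attrs"].append(line)
    return sections

def downstream_profile(section, option):
    """Profile a middlebox would use on its non-QUIC leg under each choice."""
    proto = section["proto"]
    if not proto.startswith("QUIC/RTP/"):
        raise ValueError("not an RTP-over-QUIC section: " + proto)
    profile = proto[len("QUIC/RTP/"):]
    if option in ("always-srtp", "explicit-signal") and profile != "AVPF":
        raise ValueError("only QUIC/RTP/AVPF exists under this choice")
    if option == "always-srtp":        # choice 1: always forward over SRTP
        return "RTP/SAVPF"
    if option == "explicit-signal":    # choice 2: sender says which one
        return "RTP/SAVPF" if E2E_ATTR in section["attrs"] else "RTP/AVPF"
    if option == "both-registered":    # choice 3: profile name carries it
        return "RTP/" + profile
    raise ValueError("unknown option: " + option)

def leaves_in_clear(sdp, option):
    """True if any QUIC-protected section would be forwarded as plain RTP."""
    return any(not downstream_profile(s, option).startswith("RTP/S")
               for s in parse_media(sdp))

if __name__ == "__main__":
    for name, offer in [("AVPF", OFFER_AVPF), ("AVPF+attr", OFFER_AVPF_E2E)]:
        for opt in ("always-srtp", "explicit-signal", "both-registered"):
            print(name, opt, "clear downstream:", leaves_in_clear(offer, opt))
```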