IETF Logo Mail Archive

Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP Conferencing (PERC)

"Paul E. Jones" <paulej@packetizer.com> Tue, 14 April 2015 20:05 UTC

Return-Path: <paulej@packetizer.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E404C1AD067 for <dispatch@ietfa.amsl.com>; Tue, 14 Apr 2015 13:05:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.012
X-Spam-Level:
X-Spam-Status: No, score=-2.012 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t3ukQGhFYeQk for <dispatch@ietfa.amsl.com>; Tue, 14 Apr 2015 13:05:35 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 142701AD06F for <dispatch@ietf.org>; Tue, 14 Apr 2015 13:05:35 -0700 (PDT)
Received: from [192.168.1.20] (cpe-98-27-48-15.nc.res.rr.com [98.27.48.15]) (authenticated bits=0) by dublin.packetizer.com (8.14.9/8.14.9) with ESMTP id t3EK5UGK004774 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 14 Apr 2015 16:05:30 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1429041931; bh=Wb2jCDOkQHRODznxzqrI1RgFePewAMJqsQLXOB+mHzs=; h=From:To:Subject:Cc:Date:In-Reply-To:Reply-To; b=ajsOckPncmZtVemZPfhnWS0BNeF0jxLyaR1QhzdSU/se27UPuMVdoxtqwqD5evIu6 jZ+mMw7+0Bp3GFDnPOsizE3cdQYvLcXfPF42mLspZlRSrmWJ+rFu9hYO3APSIcqyGu crfgINsZo0LzIOYE8WRKOYNqqbDqPrWnn3O2B9L4=
From: "Paul E. Jones" <paulej@packetizer.com>
To: Ben Campbell <ben@nostrum.com>, Magnus Westerlund <magnus.westerlund@ericsson.com>
Date: Tue, 14 Apr 2015 20:05:35 +0000
Message-Id: <em6d8f29a4-55bd-4b08-a66f-a3ec84f8e300@sydney>
In-Reply-To: <DF642B61-47ED-4F33-BE7F-3F70FF80B294@nostrum.com>
User-Agent: eM_Client/6.0.21372.0
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/dispatch/5kQ7CFrNE69VcvQSbPxhI_5VlFQ>
Cc: DISPATCH list <dispatch@ietf.org>
Subject: Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP Conferencing (PERC)
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Apr 2015 20:05:43 -0000

Ben,

It perhaps goes without saying that I'm interested in working on this.

Paul

------ Original Message ------
From: "Ben Campbell" <ben@nostrum.com>
To: "Magnus Westerlund" <magnus.westerlund@ericsson.com>
Cc: "DISPATCH list" <dispatch@ietf.org>
Sent: 4/9/2015 5:29:03 PM
Subject: Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP 
Conferencing (PERC)

>For the record, I'd love to see this get chartered. I think the charter 
>is on the right track. It might be worth mentioning the drafts in the 
>charter as "inputs" to the work.
>
>Is anyone else interested in working on this?
>
>/Ben
>
>On 25 Mar 2015, at 18:27, Magnus Westerlund wrote:
>
>>Dispatch,
>>
>>AVTCORE WG has discussed a couple of proposals that discusses 
>>end-to-end
>>security in centralized RTP based conferences.
>>
>>Drafts for these Proposals:
>>https://datatracker.ietf.org/doc/draft-jones-avtcore-private-media-reqts/
>>https://datatracker.ietf.org/doc/draft-jones-avtcore-private-media-framework/
>>https://datatracker.ietf.org/doc/draft-cheng-avtcore-srtp-cloud/
>>
>>In these discussions one has reached the conclusion that this work
>>requires its own venue to continue the work. Therefore a number of
>>interested has put together a initial draft charter for a new WG.
>>
>>Please review and provide feedback.
>>
>>
>>Name: Privacy Enhanced RTP Conferencing (PERC)
>>Area: ART
>>Chairs: TBD
>>Mailing List: <using dispatch@ietf.org for now>
>>
>>Motivation for new WG
>>---------------------
>>
>>RTP-based real-time multi-party interactive media conferencing is 
>>today
>>in widespread use. Many of the deployments uses one or more centrally
>>located media distribution devices that perform selective forwarding 
>>or
>>mixes media streams received from the participating endpoints. The 
>>media
>>transport protocol commonly used is RTP (RFC3550). There are various
>>signaling systems used to establish these multi-party conferences.
>>
>>These conferences require security to ensure that the RTP media and
>>related meta data of the conference is kept private to the set of
>>invited participants and only other devices trusted by those
>>participants with their media. At the same time, multi-party media
>>conferences do need source authentication and integrity checks to
>>protect against modifications, insertions or replay attacks. Media
>>distribution devices supporting these conferences may also perform RTP
>>header changes and often consume and create RTCP messages for 
>>efficient
>>media handling.
>>
>>To date, deployment models for these multi-party media distribution
>>devices do not enable them to perform their functions without having
>>keys to decrypt the participants’ media, primarily using Secure RTP
>>(RFC3711) to provide session security.
>>
>>A new architecture model and related specifications is needed, with a
>>focused effort from the RTP and Security communities.
>>
>>WG Objectives
>>-------------
>>
>>This WG will work on a solution that enables centralized SRTP based
>>conferencing where the central device distributing the media is not
>>required to be trusted with the keys to decrypt the participant’s 
>>media.
>>The media must be kept confidential and authenticated between an
>>originating endpoint and the explicitly allowed receiving endpoints or
>>other devices. Further it is desired that a solution still provide
>>replay protection so that the media distribution devices can’t replay
>>previous parts of the media.
>>
>>The solution must also provide security for each hop between endpoints
>>and multi-party media distribution devices and between multi-party 
>>media
>>distribution devices. The RTCP messages and RTP header extensions
>>required for the media distribution device to perform the selective
>>media forwarding may require both source authentication and integrity 
>>as
>>well as confidentiality. The solution may also consider providing
>>end-to-end security for a subset of the RTCP messages or header 
>>extensions.
>>
>>The solution should be usable from both SIP and WebRTC endpoints that
>>implement the extension defined by this WG.
>>
>>This WG will perform the following work:
>>
>>1. Define a general architecture and RTP topology(s) that enables
>>    end-to-end media security for multi-party RTP conferencing.
>>
>>2. Define the trust model and describe the resulting security
>>    properties.
>>
>>3. Specify any necessary extensions to SRTP.
>>
>>4. Define a Key Management Function that distributes the keys. The
>>    system needs to be able to bind the media to the sender of the
>>    media’s identity and/or the identity of the conference.
>>
>>Collaboration
>>-------------
>>
>>If there is identification of missing protocols or functionalities, 
>>such
>>work can be requested to be done in another working group with a
>>suitable charter or by requests for chartering it in this WG or 
>>another
>>WG. Potential work that might require work in other WGs are DTLS
>>extensions (TLS) as well as RTP header extensions (AVTEXT). This
>>requires strong collaboration with the security area. We will notify
>>SIPREC, W3C WebRTC, AVTCore, and other related groups about this work.
>>
>>Non-Goals
>>---------
>>
>>The WG is not chartered to extend any signaling system used to 
>>establish
>>the RTP based conferences. It will however, need to consider in its
>>architecture how the solution may integrate with these systems.
>>
>>Will not consider non-real-time usages, multicast based media
>>distribution, or Security descriptions-based keying.
>>
>>Goals and Milestones
>>--------------------
>>
>>TBD Submit architecture or framework specification to IESG (Standards
>>Track)
>>
>>TBD Submit protocol specification(s) to IESG (Standards Track)
>>
>>
>>
>>
>>Cheers
>>
>>Magnus Westerlund
>>(AVTCORE WG chair)
>>
>>
>>----------------------------------------------------------------------
>>Services, Media and Network features, Ericsson Research EAB/TXM
>>----------------------------------------------------------------------
>>Ericsson AB | Phone +46 10 7148287
>>Färögatan 6 | Mobile +46 73 0949079
>>SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
>>----------------------------------------------------------------------
>>
>>_______________________________________________
>>dispatch mailing list
>>dispatch@ietf.org
>>https://www.ietf.org/mailman/listinfo/dispatch
>
>_______________________________________________
>dispatch mailing list
>dispatch@ietf.org
>https://www.ietf.org/mailman/listinfo/dispatch

v2.23.0 | Report a Bug | By Email