IETF Logo Mail Archive

Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP Conferencing (PERC)

"David Benham (dbenham)" <dbenham@cisco.com> Tue, 14 April 2015 23:12 UTC

Return-Path: <dbenham@cisco.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1085E1B3057 for <dispatch@ietfa.amsl.com>; Tue, 14 Apr 2015 16:12:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -13.311
X-Spam-Level:
X-Spam-Status: No, score=-13.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_31=0.6, J_CHICKENPOX_51=0.6, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id taOKTG9h6dx1 for <dispatch@ietfa.amsl.com>; Tue, 14 Apr 2015 16:12:14 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 809591B3056 for <dispatch@ietf.org>; Tue, 14 Apr 2015 16:12:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6946; q=dns/txt; s=iport; t=1429053134; x=1430262734; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=RGH8aFNvEwbqg2ExrntKgDDscN2nY9pAHOrvXBdg/1s=; b=WV4FhH+ks0BsE2xqxtE9Armg8fNTmQblBTZCausF8d0VjQHVUAYkhdhT LDAmnx4WHtClvJyz+mmAxBpC+6DQVn5rBu1FuCfWzAsL7FBRcxFACGQhH k/2mAkzQ+GEZEYfG3VWUNGquRPvnSlwU4rNAal8dWDP1m41Jx8kGhOlPl E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AcBQAmni1V/4cNJK1TCYMMUlwFxzkMhTFOAoFETAEBAQEBAX6EHwEBAQMBAQEBNy4GEAkEAQgRAQIBAgEKFAkiDAsUAwYJAQQBEggTiAcIDcpDAQEBAQEBAQEBAQEBAQEBAQEBAQEBEwQEiyeEICsGOIMRgRYFhiaKaIN5hzWDN5AYIoNvb4FEfwEBAQ
X-IronPort-AV: E=Sophos;i="5.11,578,1422921600"; d="scan'208";a="408754207"
Received: from alln-core-2.cisco.com ([173.36.13.135]) by rcdn-iport-1.cisco.com with ESMTP; 14 Apr 2015 23:12:12 +0000
Received: from xhc-aln-x10.cisco.com (xhc-aln-x10.cisco.com [173.36.12.84]) by alln-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id t3ENCCcn032401 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 14 Apr 2015 23:12:12 GMT
Received: from xmb-aln-x10.cisco.com ([169.254.5.214]) by xhc-aln-x10.cisco.com ([173.36.12.84]) with mapi id 14.03.0195.001; Tue, 14 Apr 2015 18:12:12 -0500
From: "David Benham (dbenham)" <dbenham@cisco.com>
To: "dispatch@ietf.org" <dispatch@ietf.org>, "ben@nostrum.com" <ben@nostrum.com>
Thread-Topic: [dispatch] Proposal for a new WG: Privacy Enhanced RTP Conferencing (PERC)
Thread-Index: AdB3CIWIxzHYODvwQv+pmhwOwoSRPw==
Date: Tue, 14 Apr 2015 23:12:11 +0000
Message-ID: <0683D6CB32AC424D8AF52C0F660E5DC56B984445@xmb-aln-x10.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.35.132.38]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dispatch/PRNKsH4KN3JG7Kvdl6mSK2zg474>
Subject: Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP Conferencing (PERC)
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Apr 2015 23:12:17 -0000

> Date: Thu, 09 Apr 2015 16:29:03 -0500
> From: "Ben Campbell" <ben@nostrum.com>
> To: "Magnus Westerlund" <magnus.westerlund@ericsson.com>
> Cc: DISPATCH list <dispatch@ietf.org>
> Subject: Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP
> 	Conferencing (PERC)
> Message-ID: <DF642B61-47ED-4F33-BE7F-3F70FF80B294@nostrum.com>
> Content-Type: text/plain; charset=utf-8; format=flowed
> 
> For the record, I'd love to see this get chartered. I think the charter
> is on the right track. It might be worth mentioning the drafts in the
> charter as "inputs" to the work.
> 
> Is anyone else interested in working on this?

Yes, fully behind this!

David Benham

> /Ben
> 
> On 25 Mar 2015, at 18:27, Magnus Westerlund wrote:
> 
> > Dispatch,
> >
> > AVTCORE WG has discussed a couple of proposals that discusses
> > end-to-end
> > security in centralized RTP based conferences.
> >
> > Drafts for these Proposals:
> > https://datatracker.ietf.org/doc/draft-jones-avtcore-private-media-reqts/
> > https://datatracker.ietf.org/doc/draft-jones-avtcore-private-media-
> framework/
> > https://datatracker.ietf.org/doc/draft-cheng-avtcore-srtp-cloud/
> >
> > In these discussions one has reached the conclusion that this work
> > requires its own venue to continue the work. Therefore a number of
> > interested has put together a initial draft charter for a new WG.
> >
> > Please review and provide feedback.
> >
> >
> > Name: Privacy Enhanced RTP Conferencing (PERC)
> > Area: ART
> > Chairs: TBD
> > Mailing List: <using dispatch@ietf.org for now>
> >
> > Motivation for new WG
> > ---------------------
> >
> > RTP-based real-time multi-party interactive media conferencing is
> > today
> > in widespread use. Many of the deployments uses one or more centrally
> > located media distribution devices that perform selective forwarding
> > or
> > mixes media streams received from the participating endpoints. The
> > media
> > transport protocol commonly used is RTP (RFC3550). There are various
> > signaling systems used to establish these multi-party conferences.
> >
> > These conferences require security to ensure that the RTP media and
> > related meta data of the conference is kept private to the set of
> > invited participants and only other devices trusted by those
> > participants with their media.  At the same time, multi-party media
> > conferences do need source authentication and integrity checks to
> > protect against modifications, insertions or replay attacks.  Media
> > distribution devices supporting these conferences may also perform RTP
> > header changes and often consume and create RTCP messages for
> > efficient
> > media handling.
> >
> > To date, deployment models for these multi-party media distribution
> > devices do not enable them to perform their functions without having
> > keys to decrypt the participants? media, primarily using Secure RTP
> > (RFC3711) to provide session security.
> >
> > A new architecture model and related specifications is needed, with a
> > focused effort from the RTP and Security communities.
> >
> > WG Objectives
> > -------------
> >
> > This WG will work on a solution that enables centralized SRTP based
> > conferencing where the central device distributing the media is not
> > required to be trusted with the keys to decrypt the participant?s
> > media.
> > The media must be kept confidential and authenticated between an
> > originating endpoint and the explicitly allowed receiving endpoints or
> > other devices.  Further it is desired that a solution still provide
> > replay protection so that the media distribution devices can?t
> > replay
> > previous parts of the media.
> >
> > The solution must also provide security for each hop between endpoints
> > and multi-party media distribution devices and between multi-party
> > media
> > distribution devices. The RTCP messages and RTP header extensions
> > required for the media distribution device to perform the selective
> > media forwarding may require both source authentication and integrity
> > as
> > well as confidentiality. The solution may also consider providing
> > end-to-end security for a subset of the RTCP messages or header
> > extensions.
> >
> > The solution should be usable from both SIP and WebRTC endpoints that
> > implement the extension defined by this WG.
> >
> > This WG will perform the following work:
> >
> > 1.    Define a general architecture and RTP topology(s) that enables
> >    end-to-end media security for multi-party RTP conferencing.
> >
> > 2.    Define the trust model and describe the resulting security
> >    properties.
> >
> > 3.    Specify any necessary extensions to SRTP.
> >
> > 4.    Define a Key Management Function that distributes the keys. The
> >    system needs to be able to bind the media to the sender of the
> >    media?s identity and/or the identity of the conference.
> >
> > Collaboration
> > -------------
> >
> > If there is identification of missing protocols or functionalities,
> > such
> > work can be requested to be done in another working group with a
> > suitable charter or by requests for chartering it in this WG or
> > another
> > WG. Potential work that might require work in other WGs are DTLS
> > extensions (TLS) as well as RTP header extensions (AVTEXT). This
> > requires strong collaboration with the security area. We will notify
> > SIPREC, W3C WebRTC, AVTCore, and other related groups about this work.
> >
> > Non-Goals
> > ---------
> >
> > The WG is not chartered to extend any signaling system used to
> > establish
> > the RTP based conferences. It will however, need to consider in its
> > architecture how the solution may integrate with these systems.
> >
> > Will not consider non-real-time usages, multicast based media
> > distribution, or Security descriptions-based keying.
> >
> > Goals and Milestones
> > --------------------
> >
> > TBD  Submit architecture or framework specification to IESG (Standards
> > Track)
> >
> > TBD  Submit protocol specification(s) to IESG (Standards Track)
> >
> >
> >
> >
> > Cheers
> >
> > Magnus Westerlund
> > (AVTCORE WG chair)
> >
> >
> > ----------------------------------------------------------------------
> > Services, Media and Network features, Ericsson Research EAB/TXM
> > ----------------------------------------------------------------------
> > Ericsson AB                 | Phone  +46 10 7148287
> > F?r?gatan 6                 | Mobile +46 73 0949079
> > SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> > ----------------------------------------------------------------------
> > _______________________________________________
> > dispatch mailing list
> > dispatch@ietf.org
> > https://www.ietf.org/mailman/listinfo/dispatch

v2.23.0 | Report a Bug | By Email