Re: [dispatch] Proposal for a new WG: Privacy Enhanced RTP Conferencing (PERC)
Magnus Westerlund <magnus.westerlund@ericsson.com> Fri, 10 April 2015 12:03 UTC
Message-ID: <5527BC19.5000103@ericsson.com>
Date: Fri, 10 Apr 2015 14:03:37 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: Ben Campbell <ben@nostrum.com>
References: <55134454.9050302@ericsson.com> <DF642B61-47ED-4F33-BE7F-3F70FF80B294@nostrum.com>
In-Reply-To: <DF642B61-47ED-4F33-BE7F-3F70FF80B294@nostrum.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dispatch/muDnK5nFfKWGO2ezq0KsAZj2UYc>
Cc: DISPATCH list <dispatch@ietf.org>

On 2015-04-09 23:29, Ben Campbell wrote:
> For the record, I'd love to see this get chartered. I think the charter
> is on the right track. It might be worth mentioning the drafts in the
> charter as "inputs" to the work.
>
> Is anyone else interested in working on this?

To be clear, one benefit of getting the work out of my WG (AVTCORE) is
that I can be an active contributor, rather than a chair of this.

I do hope that people speak up; we had close to 20 persons in the room
when we had a drafting session of the charter in Dallas.

Cheers

Magnus

>
> /Ben
>
> On 25 Mar 2015, at 18:27, Magnus Westerlund wrote:
>
>> Dispatch,
>>
>> AVTCORE WG has discussed a couple of proposals that discuss end-to-end
>> security in centralized RTP based conferences.
>>
>> Drafts for these Proposals:
>> https://datatracker.ietf.org/doc/draft-jones-avtcore-private-media-reqts/
>> https://datatracker.ietf.org/doc/draft-jones-avtcore-private-media-framework/
>>
>> https://datatracker.ietf.org/doc/draft-cheng-avtcore-srtp-cloud/
>>
>> In these discussions one has reached the conclusion that this work
>> requires its own venue to continue the work. Therefore a number of
>> interested people have put together an initial draft charter for a new WG.
>>
>> Please review and provide feedback.
>>
>>
>> Name: Privacy Enhanced RTP Conferencing (PERC)
>> Area: ART
>> Chairs: TBD
>> Mailing List: <using dispatch@ietf.org for now>
>>
>> Motivation for new WG
>> ---------------------
>>
>> RTP-based real-time multi-party interactive media conferencing is today
>> in widespread use. Many of the deployments use one or more centrally
>> located media distribution devices that perform selective forwarding or
>> mix media streams received from the participating endpoints. The media
>> transport protocol commonly used is RTP (RFC3550). There are various
>> signaling systems used to establish these multi-party conferences.
>>
>> These conferences require security to ensure that the RTP media and
>> related meta data of the conference is kept private to the set of
>> invited participants and only other devices trusted by those
>> participants with their media. At the same time, multi-party media
>> conferences do need source authentication and integrity checks to
>> protect against modifications, insertions or replay attacks. Media
>> distribution devices supporting these conferences may also perform RTP
>> header changes and often consume and create RTCP messages for efficient
>> media handling.
>>
>> To date, deployment models for these multi-party media distribution
>> devices do not enable them to perform their functions without having
>> keys to decrypt the participants’ media, primarily using Secure RTP
>> (RFC3711) to provide session security.
>>
>> A new architecture model and related specifications are needed, with a
>> focused effort from the RTP and Security communities.
>>
>> WG Objectives
>> -------------
>>
>> This WG will work on a solution that enables centralized SRTP based
>> conferencing where the central device distributing the media is not
>> required to be trusted with the keys to decrypt the participant’s media.
>> The media must be kept confidential and authenticated between an
>> originating endpoint and the explicitly allowed receiving endpoints or
>> other devices. Further it is desired that a solution still provide
>> replay protection so that the media distribution devices can’t replay
>> previous parts of the media.
>>
>> The solution must also provide security for each hop between endpoints
>> and multi-party media distribution devices and between multi-party media
>> distribution devices. The RTCP messages and RTP header extensions
>> required for the media distribution device to perform the selective
>> media forwarding may require both source authentication and integrity as
>> well as confidentiality. The solution may also consider providing
>> end-to-end security for a subset of the RTCP messages or header
>> extensions.
>>
>> The solution should be usable from both SIP and WebRTC endpoints that
>> implement the extension defined by this WG.
>>
>> This WG will perform the following work:
>>
>> 1. Define a general architecture and RTP topology(s) that enables
>>    end-to-end media security for multi-party RTP conferencing.
>>
>> 2. Define the trust model and describe the resulting security
>>    properties.
>>
>> 3. Specify any necessary extensions to SRTP.
>>
>> 4. Define a Key Management Function that distributes the keys. The
>>    system needs to be able to bind the media to the sender of the
>>    media’s identity and/or the identity of the conference.
>>
>> Collaboration
>> -------------
>>
>> If there is identification of missing protocols or functionalities, such
>> work can be requested to be done in another working group with a
>> suitable charter or by requests for chartering it in this WG or another
>> WG. Potential work that might require work in other WGs are DTLS
>> extensions (TLS) as well as RTP header extensions (AVTEXT). This
>> requires strong collaboration with the security area. We will notify
>> SIPREC, W3C WebRTC, AVTCore, and other related groups about this work.
>>
>> Non-Goals
>> ---------
>>
>> The WG is not chartered to extend any signaling system used to establish
>> the RTP based conferences. It will however, need to consider in its
>> architecture how the solution may integrate with these systems.
>>
>> Will not consider non-real-time usages, multicast based media
>> distribution, or Security descriptions-based keying.
>>
>> Goals and Milestones
>> --------------------
>>
>> TBD Submit architecture or framework specification to IESG (Standards
>> Track)
>>
>> TBD Submit protocol specification(s) to IESG (Standards Track)
>>
>>
>>
>>
>> Cheers
>>
>> Magnus Westerlund
>> (AVTCORE WG chair)
>>
>>
>> ----------------------------------------------------------------------
>> Services, Media and Network features, Ericsson Research EAB/TXM
>> ----------------------------------------------------------------------
>> Ericsson AB                 | Phone  +46 10 7148287
>> Färögatan 6                 | Mobile +46 73 0949079
>> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
>> ----------------------------------------------------------------------
>>
>> _______________________________________________
>> dispatch mailing list
>> dispatch@ietf.org
>> https://www.ietf.org/mailman/listinfo/dispatch
>
>

--

Magnus Westerlund

----------------------------------------------------------------------
Services, Media and Network features, Ericsson Research EAB/TXM
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Färögatan 6                 | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------