Protocol Action: 'Guidelines for the use of Variable Bit Rate Audio with Secure RTP' to Proposed Standard (draft-ietf-avtcore-srtp-vbr-audio-04.txt)
The IESG <iesg-secretary@ietf.org> Tue, 24 January 2012 21:05 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C067B1F0C3D; Tue, 24 Jan 2012 13:05:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.54
X-Spam-Level:
X-Spam-Status: No, score=-102.54 tagged_above=-999 required=5 tests=[AWL=0.059, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UCSHhWnnUx7b; Tue, 24 Jan 2012 13:05:37 -0800 (PST)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0A5221F8603; Tue, 24 Jan 2012 13:05:36 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Guidelines for the use of Variable Bit Rate Audio with Secure RTP' to Proposed Standard (draft-ietf-avtcore-srtp-vbr-audio-04.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 3.64p1
Message-ID: <20120124210536.17982.26823.idtracker@ietfa.amsl.com>
Date: Tue, 24 Jan 2012 13:05:36 -0800
Cc: avtcore chair <avtcore-chairs@tools.ietf.org>, avtcore mailing list <avt@ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2012 21:05:38 -0000
The IESG has approved the following document: - 'Guidelines for the use of Variable Bit Rate Audio with Secure RTP' (draft-ietf-avtcore-srtp-vbr-audio-04.txt) as a Proposed Standard This document is the product of the Audio/Video Transport Core Maintenance Working Group. The IESG contact persons are Robert Sparks and Gonzalo Camarillo. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-avtcore-srtp-vbr-audio/ Technical Summary This memo discusses potential security issues that arise when using variable bit rate audio with the secure RTP profile. When using SRTP with voice streams compressed using variable bit rate (VBR) codecs, the length of the compressed packets will depend on the characteristics of the speech signal. This variation in packet size will leak a small amount of information about the contents of the speech signal. Guidelines to mitigate these issues are suggested. Working Group Summary There was early on significant debate on how big a security issue this problem really was. But it was agreed on the need to document the issue and how the issue can be mitigated. Since then there has been good consensus on the document. Document Quality This document has gotten reasonable review from people with both RTP and Security focus. The quality of the document is good. Additional input from the security area during IESG review strengthened some of the recommendations which were re-reviewed with a second IETF LC. Personnel Robert Sparks is the responsible AD. Magnus Westerlund is the document shepherd. RFC Editor Note (valid for version -04) Please change the Intended Status in the header to Proposed Standard