Re: [ietf-privacy] Checking an old protocol, RTSP
Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 21 May 2014 13:28 UTC
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id D0F2F1A0675
for <ietf-privacy@ietfa.amsl.com>; Wed, 21 May 2014 06:28:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001]
autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id pCu3YOWRH1zO for <ietf-privacy@ietfa.amsl.com>;
Wed, 21 May 2014 06:28:37 -0700 (PDT)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 375161A0665
for <ietf-privacy@ietf.org>; Wed, 21 May 2014 06:28:36 -0700 (PDT)
X-AuditID: c1b4fb25-f79226d000004024-2f-537caa02a1e7
Received: from ESESSHC016.ericsson.se (Unknown_Domain [153.88.253.124])
by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id
68.1B.16420.20AAC735; Wed, 21 May 2014 15:28:34 +0200 (CEST)
Received: from [127.0.0.1] (153.88.183.153) by smtp.internal.ericsson.com
(153.88.183.68) with Microsoft SMTP Server id 14.3.174.1; Wed, 21 May 2014
15:28:33 +0200
Message-ID: <537CAA00.1020004@ericsson.com>
Date: Wed, 21 May 2014 09:28:32 -0400
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1;
rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: <ietf-privacy@ietf.org>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpiluLIzCtJLcpLzFFi42KZGfG3RpdpVU2wwdPNahaHrzawOzB6LFny
kymAMYrLJiU1J7MstUjfLoErY2//IuaCpXwVi3bMY29g3MndxcjJISFgItH4Yh87hC0mceHe
ejYQW0jgKKNE42mlLkYuIHs5o8STnbvAErwC2hLLfu1lBLFZBFQl3u/uYQGx2QQsJG7+aASr
ERUIltjw8C87RL2gxMmZT8BqRASkJfq/3wWrERawkrg5v5Wpi5EDaLG4RE9jEEiYWUBPYsrV
FkYIW16ieetsZoh7tCUamjpYJzDyz0IydRaSlllIWhYwMq9iFC1OLU7KTTcy1kstykwuLs7P
08tLLdnECAy0g1t+q+5gvPzG8RCjAAejEg+vwozqYCHWxLLiytxDjNIcLErivBc1gEIC6Ykl
qdmpqQWpRfFFpTmpxYcYmTg4pRoY3bZWKv3LzZm53fCm36UdZ44/1k9aJZjYY9L6729R2VrF
ZY+2XnvGl/NQVdSuwFritUv+ZYlT5y5uuH7iXgiT+9VgFcfwuFU7jl/TV5klmP+p/qT0qc9z
Pmhy7pVa2X89vENupmDTTBblBuspCSdKK8rPGCosYXzmXbZhJ+eG4As7ljfrG1UcV2Ipzkg0
1GIuKk4EAKGpbeQVAgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/bBegKW7WnqNC75sGchbA6-WjeyA
X-Mailman-Approved-At: Wed, 21 May 2014 06:38:49 -0700
Subject: Re: [ietf-privacy] Checking an old protocol, RTSP
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>,
<mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>,
<mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 May 2014 13:28:38 -0000
Hi, Scott Brim invoked me as the author of RTSP 2.0. So I hope can shed some light on the below questions. > > > On 21/05/14 07:27, Christian Huitema wrote: >> I am currently taking a look at RFC 2326: Real Time Streaming Protocol. The >> design of RTSP/1.0 is pretty close to that of HTTP/1.0, with very similar >> security and privacy considerations, but RTSP did not evolve as quickly as >> HTTP. In particular, I cannot find a profile for running RTSP over SSL or >> TLS in the RFC series. Is that defined elsewhere? RTSP 1.0 has a registered port (332) for RTSP over TLS as well as a URI scheme "rtsps". To my understanding RTSP 1.0 over TLS is fairly commonly implemented. However, you are correct that there is no RFC specifying this mode. It was all done by individual registration and without any specification. > > I recall commenting on RTSP and TLS when we did IESG review of that. > Main comment I had (that I recall;-) was there's no equivalent of > HTTP CONNECT. In RTSP 2.0 you have a specification for RTSP 2.0 over TLS. That also include a possibility for hop by hop TLS security where user can accept the proxies being used in the chain. Stephen is correct that neither RTSP 1.0 or 2.0 does define a method for connecting TLS through a proxy, i.e. the equivalent to HTTP Connect. Cheers Magnus Westerlund ---------------------------------------------------------------------- Services, Media and Network features, Ericsson Research EAB/TXM ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 Färögatan 6 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com ----------------------------------------------------------------------
- [ietf-privacy] Checking an old protocol, RTSP Christian Huitema
- Re: [ietf-privacy] Checking an old protocol, RTSP Fred Baker (fred)
- Re: [ietf-privacy] Checking an old protocol, RTSP Martin Stiemerling
- Re: [ietf-privacy] Checking an old protocol, RTSP Stephen Farrell
- Re: [ietf-privacy] Checking an old protocol, RTSP Magnus Westerlund