[MMUSIC] FW: Mixing Session Level and Media Level a=key-mgmt:mikey lines

"Pascal Dore" <pdore@m5t.com> Thu, 23 February 2006 13:47 UTC

Repost on behalf of Guylain Lavoie to mmusic since no answer has been received yet on the msec mailing list.

Thanks,

Pascal.D

________________________________

From: msec-bounces@securemulticast.org [mailto:msec-bounces@securemulticast.org] On Behalf Of Christian Beaulieu
Sent: 17 février 2006 09:07
To: msec@securemulticast.org
Subject: [MSEC] Mixing Session Level and Media Level a=key-mgmt:mikey lines

 

From: Guylain Lavoie 

Hi everyone,

 

I have two questions related to the utilization of MIKEY with SDP.

 

As stated in draft-ietf-mmusic-kmgmt-ext-15.txt, a single SRTP media stream generates two MIKEY crypto sessions. The first is outgoing and includes the locally known outgoing SSRC and ROC. The second is incoming and includes zeroed SSRC and ROC since they are not known. The MIKEY responder will later provide them in its MIKEY response.

 

Now that being said, if an a=key-mgmt:mikey line is located at the session level and there are two m= lines, the session level MIKEY exchange will contain four crypto sessions, two for each of the SRTP streams. Here is the example.

 

   v=0
   o=alice 2891092738 2891092738 IN IP4 w-land.example.com
   s=Cool stuff
   e=alice@w-land.example.com
   t=0 0
   c=IN IP4 w-land.example.com
   a=key-mgmt:mikey AQAFgM0XflABZZZZZZZZZZZZZZZZZAy... <== 4 CS
   m=audio 49000 RTP/SAVP 98
   a=rtpmap:98 AMR/8000
   m=video 52230 RTP/AVP 31
   a=rtpmap:31 H261/90000

 

 

draft-ietf-mmusic-kmgmt-ext-15.txt also states that if a key-mgmt attribute exists at the media level, the session level attribute MUST be ignored.

 

Now, this puzzles me. Suppose we reuse the previous example with a single modification: one of the media levels also contains an a=key-mgmt:mikey line. How many crypto sessions will now be created within the session level MIKEY initiate message? Four or two? Four for both media lines, even if the first one also contains an a=key-mgmt:mikey line, or two, only for the second media line?

 

For example,

 

   v=0
   o=alice 2891092738 2891092738 IN IP4 w-land.example.com
   s=Cool stuff
   e=alice@w-land.example.com
   t=0 0
   c=IN IP4 w-land.example.com
   a=key-mgmt:mikey AQAFgM0XflABZZZZZZZZZZZZZZZZZAy... <== 4 or 2 CS?
   m=audio 49000 RTP/SAVP 98
   a=rtpmap:98 AMR/8000
   a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAy... <== 2 CS
   m=video 52230 RTP/AVP 31
   a=rtpmap:31 H261/90000

 

My second question is "What should we do if the media level MIKEY exchange fails while the session level MIKEY exchange is successful?" draft-ietf-mmusic-kmgmt-ext-15.txt says that the session level must be ignored. I assume that if the media level MIKEY exchange fails, then there will be no automatic fallback to the session level MIKEY exchange, even if the answer to the first question is four. If the answer was two, then it becomes obvious that there is no fallback. I would expect that no fallback is possible (in all cases).

 

Best Regards,

Guylain Lavoie
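
The precedence rule quoted in the message above, as an added example that is not part of the original post and not code from the draft's authors: it resolves which a=key-mgmt line governs each m= section and returns both crypto session counts the first question weighs, without deciding which one the draft intends. The function names and placeholder MIKEY payloads are assumptions, and it counts two crypto sessions per m= line as the message does.

```python
# Added example. SDP constructed from the message's second example; payloads are placeholders.
SAMPLE_SDP = """\
v=0
o=alice 2891092738 2891092738 IN IP4 w-land.example.com
s=Cool stuff
t=0 0
c=IN IP4 w-land.example.com
a=key-mgmt:mikey SESSION-LEVEL-PLACEHOLDER
m=audio 49000 RTP/SAVP 98
a=rtpmap:98 AMR/8000
a=key-mgmt:mikey MEDIA-LEVEL-PLACEHOLDER
m=video 52230 RTP/AVP 31
a=rtpmap:31 H261/90000
"""
KEY_MGMT = "a=key-mgmt:"
CS_PER_STREAM = 2  # per the message: one outgoing plus one incoming crypto session

def parse_key_mgmt(sdp):
    """Return (session_attr, [(m_line, media_attr), ...]); attr is None if absent.
    Simplification: only the last key-mgmt line seen at each level is kept."""
    session_attr, media = None, []
    for raw in sdp.splitlines():
        line = raw.strip()
        if line.startswith("m="):
            media.append([line, None])          # a new media section begins
        elif line.startswith(KEY_MGMT):
            value = line[len(KEY_MGMT):]
            if media:
                media[-1][1] = value            # media level
            else:
                session_attr = value            # before any m= line: session level
    return session_attr, [tuple(m) for m in media]

def effective_key_mgmt(sdp):
    """Map each m= line to (level, value); a media-level line hides the session one."""
    session_attr, media = parse_key_mgmt(sdp)
    out = {}
    for m_line, media_attr in media:
        if media_attr is not None:
            out[m_line] = ("media", media_attr)  # session level ignored, no fallback
        else:
            out[m_line] = ("session", session_attr) if session_attr else (None, None)
    return out

def session_cs_candidates(sdp):
    """Both counts the question weighs: (every m= line, only m= lines with no own attr)."""
    session_attr, media = parse_key_mgmt(sdp)
    n_all, n_bare = len(media), sum(1 for _, a in media if a is None)
    return (CS_PER_STREAM * n_all, CS_PER_STREAM * n_bare) if session_attr else (0, 0)
```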

 
