[MMUSIC] Where to apply encryption?

worley@ariadne.com (Dale R. Worley) Wed, 27 February 2013 21:58 UTC

Current bundling proposals seem to expect that the packets on the wire
will be either SRTP/SRTCP or SCTP-within-DTLS.  Of course, this
provides encryption of the carried media.

But it seems to me that it would be more straightforward to multiplex
RTP/RTCP and SCTP packets, and then, as a lower layer, have one DTLS
association that encrypts all of those packets indifferently.  It
would also provide privacy regarding the number and types of the
bundled media streams.

But my knowledge of crypto is thin, and maybe there's a reason that
using one DTLS association to encrypt the multiplexed packet stream
wouldn't work as well.
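
An added example, not part of the original message: it shows what a passive on-path observer can read without keys in each of the two layouts the message compares. The first-byte ranges follow RFC 5764 section 5.1.2 and the RTP/RTCP split follows RFC 5761; the helper names, SSRCs, payload types and packet bodies are constructed for illustration.

```python
import struct

def classify(pkt: bytes) -> str:
    """Demultiplex by first byte (RFC 5764 s5.1.2), then split RTP from RTCP (RFC 5761)."""
    if len(pkt) < 2:
        return "other"
    b0 = pkt[0]
    if 20 <= b0 <= 63:
        return "dtls"
    if 128 <= b0 <= 191:
        return "rtcp" if 192 <= pkt[1] <= 223 else "rtp"
    return "other"

def observer_view(packets):
    """Summarise what is readable on the wire without any keys."""
    streams, dtls_records = set(), 0
    for pkt in packets:
        kind = classify(pkt)
        if kind == "rtp" and len(pkt) >= 12:
            # SRTP encrypts the payload only; the 12-byte RTP header stays in clear.
            payload_type = pkt[1] & 0x7F
            ssrc = struct.unpack("!I", pkt[8:12])[0]
            streams.add((ssrc, payload_type))
        elif kind == "dtls":
            dtls_records += 1
    return {"streams": streams, "dtls_records": dtls_records}

def srtp(payload_type, seq, ssrc, body=b"\xaa" * 20):
    """Constructed SRTP packet: clear RTP header followed by opaque bytes."""
    return struct.pack("!BBHII", 0x80, payload_type, seq, seq * 160, ssrc) + body

def dtls_record(seq, body):
    """Constructed DTLS 1.2 application_data record (type 23, version 0xfefd, epoch 1)."""
    header = struct.pack("!BHH", 23, 0xFEFD, 1) + seq.to_bytes(6, "big")
    return header + struct.pack("!H", len(body)) + body

# Layout in the bundling proposals: SRTP streams beside SCTP-within-DTLS.
CURRENT = [srtp(111, 1, 0x1111), srtp(96, 1, 0x2222),
           srtp(111, 2, 0x1111), dtls_record(1, b"\xbb" * 30)]
# Layout suggested in the message: every multiplexed packet inside one DTLS association.
ALTERNATIVE = [dtls_record(n, b"\xbb" * 32) for n in range(1, 5)]

if __name__ == "__main__":
    print(observer_view(CURRENT))      # two distinct (SSRC, payload type) pairs visible
    print(observer_view(ALTERNATIVE))  # only DTLS records visible
```

In the second layout the DTLS record lengths and packet timing are still visible to the observer.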
