Re: [MSEC] Application layer multicast security protocol

"Lewis Adam-CAL022" <Adam.Lewis@motorolasolutions.com> Wed, 24 August 2011 12:14 UTC

Return-Path: <Adam.Lewis@motorolasolutions.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4579721F8AD3 for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 05:14:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Biw7wgDbVIoM for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 05:14:16 -0700 (PDT)
Received: from mail119.messagelabs.com (mail119.messagelabs.com [216.82.241.195]) by ietfa.amsl.com (Postfix) with ESMTP id 68D6021F8B02 for <msec@ietf.org>; Wed, 24 Aug 2011 05:14:16 -0700 (PDT)
X-Env-Sender: Adam.Lewis@motorolasolutions.com
X-Msg-Ref: server-10.tower-119.messagelabs.com!1314188124!25708735!1
X-Originating-IP: [136.182.1.12]
X-StarScan-Version: 6.3.6; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 13092 invoked from network); 24 Aug 2011 12:15:25 -0000
Received: from motgate2.mot-solutions.com (HELO motgate2.mot-solutions.com) (136.182.1.12) by server-10.tower-119.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 24 Aug 2011 12:15:25 -0000
Received: from il27exr01.cig.mot.com (il27exr01.mot.com [10.17.196.70]) by motgate2.mot-solutions.com (8.14.3/8.14.3) with ESMTP id p7OCFOZS014588 for <msec@ietf.org>; Wed, 24 Aug 2011 05:15:24 -0700 (MST)
Received: from il06exr03.mot.com (il06vts02.mot.com [129.188.137.142]) by il27exr01.cig.mot.com (8.13.1/Vontu) with ESMTP id p7OCFNgH004938 for <msec@ietf.org>; Wed, 24 Aug 2011 07:15:23 -0500 (CDT)
Received: from de01exm70.ds.mot.com (de01exm70.am.mot.com [10.176.8.26]) by il06exr03.mot.com (8.13.1/8.13.0) with ESMTP id p7OCFM4U001368 for <msec@ietf.org>; Wed, 24 Aug 2011 07:15:22 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 24 Aug 2011 08:14:59 -0400
Message-ID: <1F9250DB00086D4E90A7FBC13C5EAF540F1847AA@de01exm70.ds.mot.com>
In-Reply-To: <4E54A020.4020600@codelabs.ch>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [MSEC] Application layer multicast security protocol
thread-index: AcxiKrJqwXH5uf3xSDCTn3gs4C9pSgALHvgw
References: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com> <4E54A020.4020600@codelabs.ch>
From: Lewis Adam-CAL022 <Adam.Lewis@motorolasolutions.com>
To: Adrian-Ken Rueegsegger <ken@codelabs.ch>, sampreeth ramavana <sampreeth@gmail.com>
X-CFilter-Loop: Reflected
X-Mailman-Approved-At: Wed, 24 Aug 2011 09:02:57 -0700
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 12:17:19 -0000

You can also take a look at MIKEY (rfc3830).

MIKEY can bootstrap SRTP/SRTCP, but it's really a very generic key
transport protocol that transports a crypto key (could be a group key)
from point A to point B.  Your application can use the key as it sees
fit.  

adam



-----Original Message-----
From: msec-bounces@ietf.org [mailto:msec-bounces@ietf.org] On Behalf Of
Adrian-Ken Rueegsegger
Sent: Wednesday, August 24, 2011 1:54 AM
To: sampreeth ramavana
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol

Hi Sampreeth,

On 08/24/2011 07:35 AM, sampreeth ramavana wrote:
> Hi All,
> 
> Is there any multicast security protocol that can be implemented in
> the application layer?
> 
> I was seeing the GDOI protocol was mainly talking about implementing
> using the IPSec at the IP layer. Can GDOI protocol also be useful if
> implemented at application layer.

GDOI can be extended to provide key material for other protocols. Mark,
Sheela and I wrote a draft (which has since expired) which specifies the
usage of GDOI with SRTP [1].

Regards,
Adrian

[1] - http://tools.ietf.org/html/draft-ietf-msec-gdoi-srtp
_______________________________________________
MSEC mailing list
MSEC@ietf.org
https://www.ietf.org/mailman/listinfo/msec