Re: [rtcweb] Consensus call regarding media security

Bernard Aboba <bernard_aboba@hotmail.com> Thu, 29 March 2012 12:54 UTC

Message-ID: <snt0-p5-eas23A4F74F9163E475BCDDCF93480@phx.gbl>
References: <4F732531.2030208@ericsson.com> <BLU169-W80FA8377288974CAF4716F93480@phx.gbl> <4F745719.5090709@ericsson.com>
Content-Transfer-Encoding: base64
From: Bernard Aboba <bernard_aboba@hotmail.com>
Content-Type: text/plain; charset="utf-8"
In-Reply-To: <4F745719.5090709@ericsson.com>
Date: Thu, 29 Mar 2012 14:54:42 +0200
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
MIME-Version: 1.0 (1.0)
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Consensus call regarding media security
Precedence: list

There are a number of potential variants:

a. DTLS-SRTP with IdP (Eric's proposal)
b. DTLS-SRTP as used with SIP (e.g. w/RFC 4474)
c. DTLS-SRTP-EKT
d. DTLS-SRTP with PKI (could be used in government or high security settings)

These variants differ in their potential use cases, security properties and interoperability with existing implementations. 

On Mar 29, 2012, at 14:35, "Magnus Westerlund" <magnus.westerlund@ericsson.com> wrote:
> I hope someone that knows the details can elaborate on this. I thought
> DTLS-SRTP has a core that you will need to implement. Then there is
> clearly a question of crypto algorithms to be supported. But that also
> applies to SRTP where we also need to select which crypto suites that
> are to be implemented if any in addtion to the MITM. The WG will need to
> select these details as part of the next steps.
> 
> Cheers
> 
> Magnus Westerlund
> 
> ----------------------------------------------------------------------
> Multimedia Technologies, Ericsson Research EAB/TVM
> ----------------------------------------------------------------------
> Ericsson AB                | Phone  +46 10 7148287
> Färögatan 6                | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
>

[rtcweb] Consensus call regarding media security Magnus Westerlund
Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
Re: [rtcweb] Consensus call regarding media secur… Eric Rescorla
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Igor Faynberg
Re: [rtcweb] Consensus call regarding media secur… Hadriel Kaplan
Re: [rtcweb] Consensus call regarding media secur… Kevin P. Fleming
Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
Re: [rtcweb] Consensus call regarding media secur… Hadriel Kaplan
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Dan Wing
Re: [rtcweb] Consensus call regarding media secur… Dan Wing
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
Re: [rtcweb] Consensus call regarding media secur… Timothy B. Terriberry
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Justin Uberti
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Bernard Aboba
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Magnus Westerlund
Re: [rtcweb] Consensus call regarding media secur… Bernard Aboba
Re: [rtcweb] Consensus call regarding media secur… Justin Uberti
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Hutton, Andrew
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
Re: [rtcweb] Consensus call regarding media secur… Hutton, Andrew
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Ravindran, Parthasarathi
Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
Re: [rtcweb] Consensus call regarding media secur… Ravindran, Parthasarathi
Re: [rtcweb] Consensus call regarding media secur… jesse
Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
[rtcweb] Which servers to trust (Re: Consensus ca… Harald Alvestrand
Re: [rtcweb] Which servers to trust (Re: Consensu… Iñaki Baz Castillo
Re: [rtcweb] Which servers to trust (Re: Consensu… Iñaki Baz Castillo
Re: [rtcweb] Which servers to trust (Re: Consensu… Randell Jesup
Re: [rtcweb] Which servers to trust (Re: Consensu… Iñaki Baz Castillo
Re: [rtcweb] Consensus call regarding media secur… Magnus Westerlund
Re: [rtcweb] Consensus call regarding media secur… Eric Rescorla