[Sip] SRTP and MIKEY usage in SIP
"Steffen Fries" <steffen.fries@siemens.com> Mon, 20 January 2003 13:55 UTC
From: Steffen Fries <steffen.fries@siemens.com>
Organization: Siemens AG
To: sip@ietf.org
Date: Fri, 17 Jan 2003 16:19:49 +0100
CC: Elisabetta.Carrara@era.ericsson.se

Hi,

I'm not quite sure which working group fits best for this question, thus I'm starting with the SIP WG ;-)

When SIP and SRTP are used in conjunction, an appropriate key management is necessary for SRTP. Within the MSEC WG MIKEY has been defined, which is thought to be used (also) for SRTP. MIKEY and a related draft (draft-ietf-msec-MIKEY-DHHMAC-01.txt) offer 4 different key management methods based on:

- pre-shared secrets
- public key encryption
- Diffie Hellman protected with signatures
- Diffie Hellman protected with pre-shared secrets

When MIKEY and SRTP are to be used in a SIP environment, what would be a suitable choice out of the four options? I'm not sure if the pre-shared secret based methods are suitable, since this would assume that all users who want to communicate need to exchange a shared secret before. Well, this could be done by putting a shared secret in the SIP message and securing this by S/MIME, but then MIKEY would be protected by symmetric methods, although asymmetric technology was used to secure the shared secret transport, namely S/MIME. One could also use the certificates and private keys to secure MIKEY right from the beginning. There might be scenarios where the symmetric case is appropriate, but I'm not sure if this is a rather general case.

Is MIKEY generally considered for key management in SIP or will this rather be done using draft-baugher-mmusic-sdpmediasec-00.txt secured by S/MIME?

The usage of MIKEY and SRTP is especially interesting in conjunction with other multimedia protocols like H.323. Voice encryption and associated key management could be performed across the different signaling protocols.

Was there already a discussion related to this question, which I may have missed?

Regards
Steffen

_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip