draft-ietf-avt-srtp-not-mandatory-08.txt   draft-ietf-avt-srtp-not-mandatory-09.txt 
Network Working Group C. Perkins Network Working Group C. Perkins
Internet-Draft University of Glasgow Internet-Draft University of Glasgow
Intended status: Informational M. Westerlund Intended status: Informational M. Westerlund
Expires: May 3, 2012 Ericsson Expires: January 17, 2013 Ericsson
October 31, 2011 July 16, 2012
Why RTP Does Not Mandate a Single Security Mechanism Why RTP Does Not Mandate a Single Security Mechanism
draft-ietf-avt-srtp-not-mandatory-08.txt draft-ietf-avt-srtp-not-mandatory-09.txt
Abstract Abstract
This memo discusses the problem of securing real-time multimedia This memo discusses the problem of securing real-time multimedia
sessions, and explains why the Real-time Transport Protocol (RTP), sessions, and explains why the Real-time Transport Protocol (RTP),
and the associated RTP control protocol (RTCP), do not mandate a and the associated RTP control protocol (RTCP), do not mandate a
single media security mechanism. It also discusses how applications single media security mechanism. Guidelines for designers and
using RTP can meet the goals of BCP 61 to have strong and mandatory reviewers of future RTP extensions are provided, to ensure that
to implement security. appropriate security mechanisms are mandated, and that any such
mechanisms are specified in a manner that conforms with the RTP
architecture.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 3, 2012. This Internet-Draft will expire on January 17, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. RTP Applications and Deployment Scenarios . . . . . . . . . . 3 2. RTP Applications and Deployment Scenarios . . . . . . . . . . . 3
3. Implications for RTP Security . . . . . . . . . . . . . . . . 4 3. RTP Media Security . . . . . . . . . . . . . . . . . . . . . . 4
4. Implications for Key Management . . . . . . . . . . . . . . . 5 4. RTP Session Establishment and Key Management . . . . . . . . . 5
5. On the Requirement for Strong Security in IETF protocols . . . 7 5. On the Requirement for Strong Security in Framework
6. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 8 protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Security Mechanisms for RTP . . . . . . . . . . . . . . . . . . 6
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 7. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . 7
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9 8. Security Considerations . . . . . . . . . . . . . . . . . . . . 7
10. Informative References . . . . . . . . . . . . . . . . . . . . 9 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7
11. Informative References . . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
The Real-time Transport Protocol (RTP) [RFC3550] is widely used for The Real-time Transport Protocol (RTP) [RFC3550] is widely used for
voice over IP, Internet television, video conferencing, and various voice over IP, Internet television, video conferencing, and other
other real-time and streaming media applications. Despite this, the real-time and streaming media applications. Despite this use, the
base RTP specification provides very limited options for media basic RTP specification provides only limited options for media
security, and defines no standard key exchange mechanism. Rather, a security, and defines no standard key exchange mechanism. Rather, a
number of extensions are defined to provide confidentiality and number of extensions are defined that can provide confidentiality and
authentication of RTP media streams and RTCP control messages, and to authentication of RTP media streams and RTCP control messages. Other
exchange security keys. This memo outlines why it is appropriate mechanisms define key exchange protocols. This memo outlines why it
that multiple extension mechanisms are defined, rather than mandating is appropriate that multiple extension mechanisms are defined rather
a single security and keying mechanism. than mandating a single security and keying mechanism.
The consensus for Strong Security Requirements for IETF Standard
Protocols (BCP61) [RFC3365] describes the Danvers Doctrine, which
states that:
"The solution is that we MUST implement strong security in all
protocols to provide for the all too frequent day when the
protocol comes into widespread use in the global Internet."
BCP 61 also discusses that security must be implemented, and makes
the following statement:
"However security must be a MUST IMPLEMENT so that end users will
have the option of enabling it when the situation calls for it."
This IETF consensus provides a clear challange for RTP security, due
to the heterogenous scenarios in which RTP can be used, and the wide
choice of security mechanisms available. This memo describes how RTP
based applications, or classes of applications, can best meet the
security goals of BCP 61.
This memo provides information for the community; it does not specify The IETF policy on Strong Security Requirements for IETF Standard
a standard of any kind. Protocols [RFC3365] (the so-called "Danvers Doctrine") states that
"we MUST implement strong security in all protocols to provide for
the all too frequent day when the protocol comes into widespread use
in the global Internet". The mechanisms defined for use with RTP
allow these requirements to be met. However, since RTP is a protocol
framework that is suitable for a wide variety of use cases, there is
no single security mechanism that is suitable for every scenario.
This memo outlines why this is the case, and discusses how users of
RTP can meet the requirement for strong security.
The structure of this memo is as follows. Section 2 describes a This memo provides information for the community and for reviewers of
number of scenarios in which RTP is deployed. Following this, future RTP-related work in the IETF. It does not specify a standard
Section 3 outlines the implications of this range of scenarios for of any kind.
media confidentially and authentication, and Section 4 outlines the
implications for key exchange. Section 5 outlines how the RTP
framework can meet the requirement of BCP 61. Section 6 then
concludes and gives some recommendations.
2. RTP Applications and Deployment Scenarios 2. RTP Applications and Deployment Scenarios
The range of application and deployment scenarios where RTP has been The range of application and deployment scenarios where RTP has been
used includes, but is not limited to, the following: used includes, but is not limited to, the following:
o Point-to-point voice telephony (fixed and wireless networks) o Point-to-point voice telephony (fixed and wireless networks)
o Point-to-point voice and video conferencing o Point-to-point voice and video conferencing
skipping to change at page 4, line 28 skipping to change at page 4, line 12
o Source-specific multicast (SSM) streaming to large group (IPTV and o Source-specific multicast (SSM) streaming to large group (IPTV and
3GPP Multimedia Broadcast Multicast Service (MBMS) [MBMS]) 3GPP Multimedia Broadcast Multicast Service (MBMS) [MBMS])
o Replicated unicast streaming to a group o Replicated unicast streaming to a group
o Interconnecting components in music production studios and video o Interconnecting components in music production studios and video
editing suites editing suites
o Interconnecting components of distributed simulation systems o Interconnecting components of distributed simulation systems
o Streaming real-time sensor data o Streaming real-time sensor data (e.g., e-VLBI radio astronomy)
As can be seen, these scenarios vary from point-to-point to very As can be seen, these scenarios vary from point-to-point to large
large multicast groups, from interactive to non-interactive, and from multicast groups, from interactive to non-interactive, and from low
low bandwidth (kilobits per second) to very high bandwidth (multiple bandwidth (kilobits per second) telephony to high bandwidth (multiple
gigabits per second). While most of these applications run over UDP gigabits per second) video and data streaming. While most of these
[RFC0768], some use TCP [RFC0793], [RFC4614] or DCCP [RFC4340] as applications run over UDP [RFC0768], some use TCP [RFC0793],
their underlying transport. Some run on highly reliable optical [RFC4614] or DCCP [RFC4340] as their underlying transport. Some run
networks, others use low rate unreliable wireless networks. Some on highly reliable optical networks, others use low rate unreliable
applications of RTP operate entirely within a single trust domain, wireless networks. Some applications of RTP operate entirely within
others are inter-domain, with untrusted (and potentially unknown) a single trust domain, others are inter-domain, with untrusted (and
users. The range of scenarios is wide, and growing both in number potentially unknown) users. The range of scenarios is wide, and
and in heterogeneity. growing both in number and in heterogeneity.
3. Implications for RTP Security 3. RTP Media Security
The wide range of application scenarios where RTP is used has led to The wide range of application scenarios where RTP is used has led to
the development of multiple solutions for securing RTP media streams the development of multiple solutions for securing RTP media streams
and RTCP control messages, considering different requirements. and RTCP control messages, considering different requirements.
Perhaps the most widely applicable of these solutions is the Secure
RTP (SRTP) framework [RFC3711]. This is an application-level media
security solution, encrypting the media payload data (but not the RTP
headers) to provide some degree of confidentiality, and providing
optional source origin authentication. It was carefully designed to
be both low overhead, and to support the group communication features
of RTP, across a range of networks.
SRTP is not the only media security solution in use, however, and
alternatives are more appropriate for some scenarios. For example,
many client-server streaming media applications can run over a single
TCP connection, multiplexing media data with control information on
that connection (RTSP [I-D.ietf-mmusic-rfc2326bis] is a widely used
example of such a protocol). One way to provide media security for
such client-server media applications is to use TLS [RFC5246] to
protect the TCP connection, sending the RTP media data over the TLS
connection. Using the SRTP framework in addition to TLS is
unnecessary, and would result in double encryption of the media, and
SRTP cannot be used instead of TLS since it is RTP-specific, and so
cannot protect the control traffic.
Other RTP use cases work over networks which provide security at the
network layer, using IPsec. For example, certain 3GPP networks need
IPsec security associations for other purposes, and can reuse those
to secure the RTP session [TS-33210]. SRTP is, again, unnecessary in
such environments, and its use would only introduce overhead for no
gain.
For some applications it is sufficient to protect the RTP payload
data while leaving RTP, transport, and network layer headers
unprotected. An example of this is RTP broadcast over DVB-H
[ETSI.TS.102.474], where one mode of operation uses ISMA Cryp 2.0
[ISMA] to encrypt the RTP payload data only.
All these are application scenarios where RTP has seen commercial
deployment. Other use cases exist, with additional requirements.
For example, if the media transport is done over UDP [RFC0768], DCCP
[RFC4340] or SCTP [RFC4960], then using DTLS [RFC4347] to protect the
whole RTP packets is an option. There is no media security protocol
that is appropriate for all these environments. Accordingly,
multiple RTP media security protocols can be expected to remain in
wide use.
4. Implications for Key Management
With such a diverse range of use cases come a range of different
protocols for RTP session establishment. Mechanisms used to provide
security keying for these different session establishment protocols
can basically be put into two categories: inband and out-of-band in
relation to the session establishment mechanism. The requirements
for these solutions are highly varying. Thus a wide range of
solutions have been developed in this space:
o A common use case for RTP is probably point-to-point voice calls
or centralised group conferences, negotiated using SIP [RFC3261]
with the SDP offer/answer model [RFC3264], operating on a trusted
infrastructure. In such environments, SDP security descriptions
[RFC4568], or the MIKEY [RFC3830] protocol using the Key
Management Extensions for SDP [RFC4567], are appropriate keying
mechanisms, where the keying messages/material are embedded in the
SDP [RFC4566] exchange. The infrastructure may be secured by
protecting the SDP exchange in SIP using TLS or S/MIME, for
example [RFC3261]. Protocols such as DTLS-SRTP [RFC5764] or ZRTP
[RFC6189] are also appropriate in such environments.
o Point-to-point RTP sessions may be negotiated using SIP with the
offer/answer model, but operating over a network with untrusted
infrastructure. In such environments, the key management protocol
can be run on the media path, bypassing the untrusted
infrastructure. Protocols such as DTLS-SRTP [RFC5764] or ZRTP
[RFC6189] are useful here, as are inband mechanism that protect
the keying material such as MIKEY [RFC3830] using the Key
Management Extensions for SDP [RFC4567]. It should be noted that
the end-points for all the above mechanisms must prevent total
downgrade to no security for the RTP media streams.
o For point-to-point client-server streaming of RTP over RTSP, a TLS Perhaps the most widely applicable of these security options is the
association is appropriate to manage keying material, in much the Secure RTP (SRTP) framework [RFC3711]. This is an application-level
same manner as would be used to secure an HTTP session. But also media security solution, encrypting the media payload data (but not
using SRTP with DTLS-SRTP keying or DTLS are appropriate choices. the RTP headers) to provide confidentiality, and supporting source
origin authentication as an option. SRTP was carefully designed to
be both low overhead, and to support the group communication and
third-party performance monitoring features of RTP, across a range of
networks.
o A session description may be sent by email, secured using S/MIME SRTP is not the only media security solution in use, however, and
or PGP, or retrieved from a web page, using HTTP with TLS. alternatives are more appropriate for some scenarios, and necessary
in some cases where SRTP is not suitable. At present, there is no
media security protocol that is appropriate for all the environments
where RTP is used. Multiple RTP media security protocols can be
expected to remain in wide use for the forseeable future.
o A session description may be distributed to a multicast group The range of available RTP security options, and their applicability,
using SAP or FLUTE secured with S/MIME. are described in [I-D.ietf-avtcore-rtp-security-options].
o A session description may be distributed using the Open Mobile 4. RTP Session Establishment and Key Management
Alliance DRM key management specification [OMA-DRM] when using a
point-to-point streaming session setup with RTSP in the 3GPP PSS
environment [PSS].
o In the 3GPP Multimedia Broadcast Multicast Service (MBMS) system, A range of different protocols for RTP session establishment and key
HTTP and MIKEY are used for key management [MBMS-SEC]. exchange exist, matching the diverse range of use cases for the RTP
framework. These mechanisms can be split into two categories: those
that operate in-band on the media path, and those that are out-of-
band and operate as part of the session establishment signalling
channel. The requirements for these two classes of solution are
different, and a wide range of solutions have been developed in this
space.
A more detailed survey of requirements for media security management A more detailed survey of requirements for media security management
protocols can be found in [RFC5479]. As can be seen, the range of protocols can be found in [RFC5479]. As can be seen, the range of
use cases is wide, and there is no single protocol that is use cases is wide, and there is no single key management protocol
appropriate for all scenarios. These solutions have been further that is appropriate for all scenarios. These solutions have been
diversified by the existence of infrastructure elements such as further diversified by the existence of infrastructure elements such
authentication solutions that are tied into the key management. as authentication solutions that are tied into the key management.
Some of the available keying options for RTP sessions are described
in [I-D.ietf-avtcore-rtp-security-options], although this list is not
ensured to be exhaustive but include the ones known to the authors at
the time of publication.
5. On the Requirement for Strong Security in IETF protocols 5. On the Requirement for Strong Security in Framework protocols
BCP 61 [RFC3365] puts a requirement on IETF protocols to provide The IETF requires that all protocols provide a strong, mandatory to
strong, mandatory to implement, security solution. This is actually implement, security solution [RFC3365]. This is essential for the
quite a difficult requirement for any type of framework protocol like overall security of the Internet, to ensure that all implementations
RTP, or for that matter the Reliable Multicast Transport suite of a protocol can interoperate in a secure way. Framework protocols
[RFC3048], since one can never know all the deployment scenarios, and offer a challenge for this mandate, however, since they are designed
if they are covered by the security solution. It would clearly be for use by different classes of applications, in different
desirable if a single media security solution and a single key environments. The different use cases for the framework have
management solution could be developed, satisfying the range of use different security requirements, and implementations designed for
cases for RTP. The authors are not aware of any such solution, different environments are generally not expected to interwork.
however, and believe it is unlikely that any single solution can be
developed.
For a framework protocol it appears that the only sensible solution RTP is an example of a framework protocol with wide applicability.
to the requirement of BCP 61 is to develop or use security building The wide range of scenarios described in Section 2 show the issues
blocks, like SRTP, SDP security descriptions, MIKEY, DTLS, DTLS-SRTP, that arise in mandating a single security mechanism for this type of
or IPsec, to provide the basic security services of authorization, framework. It would be desirable if a single media security
data integrity protection and date confidentiality protection. When solution, and a single key management solution, could be developed,
new usages of the RTP framework arise, one needs to analyze the suitable for applications across this range of use scenarios. The
situation, to determine if the existing building blocks satisfy the authors are not aware of any such solution, however, and believe it
requirements. If not, it is necessary to develop new security is unlikely that any such solution will be developed. In part, this
building blocks. is because applications in the different domains are not intended to
interwork, so there is no incentive to develop a single mechanism.
More importantly, though, the security requirements for the different
usage scenarios vary widely, and an appropriate security mechanism in
one scenario simply does not work for some other scenarios.
When it comes to fulfilling the "MUST Implement" strong security for For a framework protocol, it appears that the only sensible solution
a specific application, or class of applications, it will fall on to the strong security requirement of [RFC3365] is to develop and use
that application to actually consider what building blocks it is building blocks for the basic security services of confidentiality,
required to support. To maximize interoperability it is desirable if integrity protection, authorisation, and authentication. When new
certain applications, or classes of application with similar uses for the framework arise, they need to be studied to check if the
requirements, agree on what data security mechanisms and key- existing building blocks satisfy the requirements. A mandatory to
management should be used. If such agreement is not possible, there implement set of security building blocks can then be specified for
will be increased cost, either in the lack of interoperability, or in that usage scenario of the framework.
the need to implement more solutions. Unfortunately this situation,
if not handled reasonably well, can result in a failure to satisfy
the requirement of providing the users with an option of turning on
strong security when desired.
The IETF needs to perform this selection of security building blocks Therefore, when considering the strong and mandatory to implement
whenever it is possible. This can be done if the application, or security mechanism for a specific class of applications, one has to
class of applications, is being specified within the IETF, or wich a consider what security building blocks need to be supported. To
scope where the IETF can take the role to provide a security profile. maximize interoperability it is important that common media security
However, it is clear that many applications, or classes of and key management mechanisms are defined for classes of application
application, are specified outside the scope and influence of the with similar requirements. The IETF needs to participate in this
IETF. In those case we can't do other than strongly recommend these selection of security building blocks for each class of applications
organizations perform a security analysis, taking into account other that use the protocol framework and are expected to interoperate
applications, to try to maximize the security and interoperability. where IETF has the appropriate knowledge of the class of
applications.
6. Conclusions 6. Security Mechanisms for RTP
As discussed earlier it appears that a single solution can't be RTP is a framework protocol, so the arguments in in Section 5 apply.
designed to meet the diverse requirements. In the absence of such a The security building blocks available for RTP at the time of this
solution, it is hoped that this memo explains why SRTP is not writing are described in [I-D.ietf-avtcore-rtp-security-options].
mandatory as the media security solution for RTP-based systems, and That memo also gives examples of how those security building blocks
why we can expect multiple key management solutions for systems using can be combined to give mandatory to implement security for some RTP
RTP. application scenarios.
It is very important for any RTP-based application to consider how it RTP can be extended in different ways. Two important extension
meets the security requirements. This will require some analysis to points are RTP Payload Formats and RTP Profiles. An RTP Payload
determine these requirements, followed by the selection of a Format defines how the output of a new media codec can be used with
mandatory to implement solution, or in exceptional scenarios several RTP. It is appropriate for an RTP payload format to discuss specific
solutions, including the desired RTP traffic protection and key- security implications of using that codec with RTP, but it is not
management. When defining applications or protocols using RTP within appropriate for an RTP payload format to mandate the use of SRTP, or
the IETF, the responsibility for fulfilling the BCP 61 requirements any other security building blocks, since that payload format might
will fall onto the developers of these applications. IETF also be used in a range of different scenarios.
should be open to help other standards bodies by defining security
profiles suitable for classes of applications.
Anyone defining an RTP based application needs to take care to RTP profiles are larger extensions that adapt the RTP framework for
consider how to fulfill its security goals and specify which use with particular classes of application. In some cases, those
mechanisms that are to be implemented. In that work interoperability classes of application might share common security requirements so
with similar applications should be considered, so that when such that it could make sense for an RTP profile to mandate particular
applications becomes desirable to interconnect those applications, security options and building blocks. In other cases, though, an RTP
their security solutions are compatible and will not require profile is applicable to such a wide range of applications that it
additional implementation or costly gateways that also reduce would not make sense for that profile to mandate particular security
security by forcing a trusted third party. building blocks be used. Any new RTP profile ought to discuss if it
makes sense to mandate particular security building blocks be used
with implementations of that profile, but without the expectation
that all RTP profiles will mandate particular security solutions.
SRTP is a preferred solution for the protection of the RTP traffic in 7. Conclusions
those use cases where it is applicable. It is out of scope for this
memo to recommend a preferred key management solution in general.
The authors do note that DTLS-SRTP was developed in the IETF to meet
the goals of point to point media sessions established by SIP.
7. Security Considerations RTP is used in a wide range of scenarios, without comon security
requirements. Accordingly, a single security solution cannot be
mandated for all scenarios. In the absence of such a solution, it is
hoped that this memo explains why SRTP is not mandatory as the media
security solution for RTP-based systems, and why we can expect
multiple key management solutions for systems using RTP.
It is important consider how strong and interoperable security can be
offered for every scenario in which RTP applications are used, and
for every class of RTP applications. This will require analysis to
determine the security requirements, followed by the selection of a
mandatory to implement security building blocks for that class of
application, including the desired RTP traffic protection and key-
management. Commonality of security mechanisms is desirable, where
appropriate.
8. Security Considerations
This entire memo is about security. This entire memo is about security.
8. IANA Considerations 9. IANA Considerations
No IANA actions are required. None.
9. Acknowledgements 10. Acknowledgements
Thanks to Ralph Blom, Hannes Tschofenig, Dan York, Alfred Hoenes, Thanks to Ralph Blom, Hannes Tschofenig, Dan York, Alfred Hoenes,
Martin Ellis, Ali Begen, and Keith Drage for their feedback. Martin Ellis, Ali Begen, and Keith Drage for their feedback.
10. Informative References 11. Informative References
[ETSI.TS.102.474]
ETSI, "Digital Video Broadcasting (DVB); IP Datacast over
DVB-H: Service Purchase and Protection", ETSI TS 102 474,
November 2007.
[I-D.ietf-mmusic-rfc2326bis]
Schulzrinne, H., Rao, A., Lanphier, R., Westerlund, M.,
and M. Stiemerling, "Real Time Streaming Protocol 2.0
(RTSP)", draft-ietf-mmusic-rfc2326bis-28 (work in
progress), October 2011.
[ISMA] Internet Streaming Media Alliance, "Encryption and [I-D.ietf-avtcore-rtp-security-options]
Authentication Version 2.0", November 2007. Westerlund, M. and C. Perkins, "Options for Securing RTP
Sessions", draft-ietf-avtcore-rtp-security-options-00
(work in progress), July 2012.
[MBMS] 3GPP, "Multimedia Broadcast/Multicast Service (MBMS); [MBMS] 3GPP, "Multimedia Broadcast/Multicast Service (MBMS);
Protocols and codecs TS 26.346". Protocols and codecs TS 26.346".
[MBMS-SEC]
3GPP, "Security of Multimedia Broadcast/Multicast Service
(MBMS) TS 33.246".
[OMA-DRM] Open Mobile Alliance, "DRM Specification 2.0".
[PSS] 3GPP, "Transparent end-to-end Packet-switched Streaming
Service (PSS); Protocols and codecs TS 26.234".
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980. August 1980.
[RFC0793] Postel, J., "Transmission Control Protocol", STD 7, [RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
RFC 793, September 1981. RFC 793, September 1981.
[RFC3048] Whetten, B., Vicisano, L., Kermode, R., Handley, M.,
Floyd, S., and M. Luby, "Reliable Multicast Transport
Building Blocks for One-to-Many Bulk-Data Transfer",
RFC 3048, January 2001.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model
with Session Description Protocol (SDP)", RFC 3264,
June 2002.
[RFC3365] Schiller, J., "Strong Security Requirements for Internet [RFC3365] Schiller, J., "Strong Security Requirements for Internet
Engineering Task Force Standard Protocols", BCP 61, Engineering Task Force Standard Protocols", BCP 61,
RFC 3365, August 2002. RFC 3365, August 2002.
[RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
Jacobson, "RTP: A Transport Protocol for Real-Time Jacobson, "RTP: A Transport Protocol for Real-Time
Applications", STD 64, RFC 3550, July 2003. Applications", STD 64, RFC 3550, July 2003.
[RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
Norrman, "The Secure Real-time Transport Protocol (SRTP)", Norrman, "The Secure Real-time Transport Protocol (SRTP)",
RFC 3711, March 2004. RFC 3711, March 2004.
[RFC3830] Arkko, J., Carrara, E., Lindholm, F., Naslund, M., and K.
Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830,
August 2004.
[RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram [RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram
Congestion Control Protocol (DCCP)", RFC 4340, March 2006. Congestion Control Protocol (DCCP)", RFC 4340, March 2006.
[RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security", RFC 4347, April 2006.
[RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Description Protocol", RFC 4566, July 2006.
[RFC4567] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E.
Carrara, "Key Management Extensions for Session
Description Protocol (SDP) and Real Time Streaming
Protocol (RTSP)", RFC 4567, July 2006.
[RFC4568] Andreasen, F., Baugher, M., and D. Wing, "Session
Description Protocol (SDP) Security Descriptions for Media
Streams", RFC 4568, July 2006.
[RFC4614] Duke, M., Braden, R., Eddy, W., and E. Blanton, "A Roadmap [RFC4614] Duke, M., Braden, R., Eddy, W., and E. Blanton, "A Roadmap
for Transmission Control Protocol (TCP) Specification for Transmission Control Protocol (TCP) Specification
Documents", RFC 4614, September 2006. Documents", RFC 4614, September 2006.
[RFC4960] Stewart, R., "Stream Control Transmission Protocol",
RFC 4960, September 2007.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008.
[RFC5479] Wing, D., Fries, S., Tschofenig, H., and F. Audet, [RFC5479] Wing, D., Fries, S., Tschofenig, H., and F. Audet,
"Requirements and Analysis of Media Security Management "Requirements and Analysis of Media Security Management
Protocols", RFC 5479, April 2009. Protocols", RFC 5479, April 2009.
[RFC5764] McGrew, D. and E. Rescorla, "Datagram Transport Layer
Security (DTLS) Extension to Establish Keys for the Secure
Real-time Transport Protocol (SRTP)", RFC 5764, May 2010.
[RFC6189] Zimmermann, P., Johnston, A., and J. Callas, "ZRTP: Media
Path Key Agreement for Unicast Secure RTP", RFC 6189,
April 2011.
[TS-33210]
3GPP, "IP network layer security", 3GPP TS 33.210.
Authors' Addresses Authors' Addresses
Colin Perkins Colin Perkins
University of Glasgow University of Glasgow
Department of Computing Science School of Computing Science
Glasgow G12 8QQ Glasgow G12 8QQ
UK UK
Email: csp@csperkins.org Email: csp@csperkins.org
Magnus Westerlund Magnus Westerlund
Ericsson Ericsson
Farogatan 6 Farogatan 6
Kista SE-164 80 Kista SE-164 80
Sweden Sweden
Email: magnus.westerlund@ericsson.com Email: magnus.westerlund@ericsson.com
 End of changes. 44 change blocks. 
313 lines changed or deleted 184 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/