draft-ietf-perc-private-media-framework-11.txt | draft-ietf-perc-private-media-framework-12.txt | |||
---|---|---|---|---|
Network Working Group P. Jones | Network Working Group P. Jones | |||
Internet-Draft Cisco | Internet-Draft Cisco | |||
Intended status: Standards Track D. Benham | Intended status: Standards Track D. Benham | |||
Expires: November 22, 2019 C. Groves | Expires: December 7, 2019 C. Groves | |||
Independent | Independent | |||
May 21, 2019 | June 5, 2019 | |||
A Solution Framework for Private Media in Privacy Enhanced RTP | A Solution Framework for Private Media in Privacy Enhanced RTP | |||
Conferencing (PERC) | Conferencing (PERC) | |||
draft-ietf-perc-private-media-framework-11 | draft-ietf-perc-private-media-framework-12 | |||
Abstract | Abstract | |||
This document describes a solution framework for ensuring that media | This document describes a solution framework for ensuring that media | |||
confidentiality and integrity are maintained end-to-end within the | confidentiality and integrity are maintained end-to-end within the | |||
context of a switched conferencing environment where media | context of a switched conferencing environment where media | |||
distributors are not trusted with the end-to-end media encryption | distributors are not trusted with the end-to-end media encryption | |||
keys. The solution builds upon existing security mechanisms defined | keys. The solution builds upon existing security mechanisms defined | |||
for the real-time transport protocol (RTP). | for the real-time transport protocol (RTP). | |||
skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on November 22, 2019. | This Internet-Draft will expire on December 7, 2019. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 3, line 29 ¶ | skipping to change at page 3, line 29 ¶ | |||
only a subset of flows based on voice activity detection or other | only a subset of flows based on voice activity detection or other | |||
criteria. In some instances, Media Distributors may make limited | criteria. In some instances, Media Distributors may make limited | |||
modifications to RTP [RFC3550] headers, for example, but the actual | modifications to RTP [RFC3550] headers, for example, but the actual | |||
media content (e.g., voice or video data) is unaltered. | media content (e.g., voice or video data) is unaltered. | |||
An advantage of switched conferencing is that Media Distributors can | An advantage of switched conferencing is that Media Distributors can | |||
be more easily deployed on general-purpose computing hardware, | be more easily deployed on general-purpose computing hardware, | |||
including virtualized environments in private and public clouds. | including virtualized environments in private and public clouds. | |||
Virtualized public cloud environments have been viewed as less secure | Virtualized public cloud environments have been viewed as less secure | |||
since resources are not always physically controlled by those who use | since resources are not always physically controlled by those who use | |||
them and since there are usually several ports open to the public. | them. This document defines improved security so as to lower the | |||
This document defines improved security so as to lower the barrier to | barrier to taking advantage of those environments. | |||
taking advantage of those environments. | ||||
This document defines a solution framework wherein media privacy is | This document defines a solution framework wherein media privacy is | |||
ensured by making it impossible for a Media Distributor to gain | ensured by making it impossible for a Media Distributor to gain | |||
access to keys needed to decrypt or authenticate the actual media | access to keys needed to decrypt or authenticate the actual media | |||
content sent between conference participants. At the same time, the | content sent between conference participants. At the same time, the | |||
framework allows for the Media Distributors to modify certain RTP | framework allows for the Media Distributors to modify certain RTP | |||
headers; add, remove, encrypt, or decrypt RTP header extensions; and | headers; add, remove, encrypt, or decrypt RTP header extensions; and | |||
encrypt and decrypt RTP Control Protocol (RTCP) [RFC3550] packets. | encrypt and decrypt RTP Control Protocol (RTCP) [RFC3550] packets. | |||
The framework also prevents replay attacks by authenticating each | The framework also prevents replay attacks by authenticating each | |||
packet transmitted between a given participant and the Media | packet transmitted between a given participant and the Media | |||
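Review bot: Dropping the clause "and since there are usually several ports open to the public" from the virtualized-cloud sentence (the second paragraph of this block) is the right call; exposed ports are not specific to virtualized or public-cloud deployments, and the remaining rationale, that resources are not physically controlled by those who use them, is the one this framework actually addresses by keeping end-to-end keys away from the Media Distributor. The sentence still attributes the view to nobody ("have been viewed as less secure"); if it is kept in this form, consider rewording to a plainer statement such as "may be less trusted" so the introduction does not rest on an unattributed perception.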
End of changes. 5 change blocks. | ||||
7 lines changed or deleted | 6 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |