--- 1/draft-ietf-perc-private-media-framework-11.txt 2019-06-05 16:13:16.107906552 -0700 +++ 2/draft-ietf-perc-private-media-framework-12.txt 2019-06-05 16:13:16.175908283 -0700 @@ -1,21 +1,21 @@ Network Working Group P. Jones Internet-Draft Cisco Intended status: Standards Track D. Benham -Expires: November 22, 2019 C. Groves +Expires: December 7, 2019 C. Groves Independent - May 21, 2019 + June 5, 2019 A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing (PERC) - draft-ietf-perc-private-media-framework-11 + draft-ietf-perc-private-media-framework-12 Abstract This document describes a solution framework for ensuring that media confidentiality and integrity are maintained end-to-end within the context of a switched conferencing environment where media distributors are not trusted with the end-to-end media encryption keys. The solution builds upon existing security mechanisms defined for the real-time transport protocol (RTP). @@ -27,21 +27,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on November 22, 2019. + This Internet-Draft will expire on December 7, 2019. Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -112,23 +112,22 @@ only a subset of flows based on voice activity detection or other criteria. In some instances, Media Distributors may make limited modifications to RTP [RFC3550] headers, for example, but the actual media content (e.g., voice or video data) is unaltered. An advantage of switched conferencing is that Media Distributors can be more easily deployed on general-purpose computing hardware, including virtualized environments in private and public clouds. Virtualized public cloud environments have been viewed as less secure since resources are not always physically controlled by those who use - them and since there are usually several ports open to the public. - This document defines improved security so as to lower the barrier to - taking advantage of those environments. + them. This document defines improved security so as to lower the + barrier to taking advantage of those environments. This document defines a solution framework wherein media privacy is ensured by making it impossible for a Media Distributor to gain access to keys needed to decrypt or authenticate the actual media content sent between conference participants. At the same time, the framework allows for the Media Distributors to modify certain RTP headers; add, remove, encrypt, or decrypt RTP header extensions; and encrypt and decrypt RTP Control Protocol (RTCP) [RFC3550] packets. The framework also prevents replay attacks by authenticating each packet transmitted between a given participant and the Media
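Review bot: in the hunk at @@ -112,23 +112,22 @@ the removed clause "since there are usually several ports open to the public" was the only part of that paragraph naming a concrete exposure, and the retained sentence "This document defines improved security so as to lower the barrier to taking advantage of those environments" now does not say which risk the framework removes. Consider tying it to the rationale that survives the edit and to the next paragraph, e.g. "This document defines improved security so that a Media Distributor running on infrastructure not physically controlled by the conference participants never holds the keys needed to decrypt or authenticate media, lowering the barrier to taking advantage of those environments." That keeps the motivation consistent with the following paragraph, which states that the framework makes it impossible for a Media Distributor to gain access to the keys needed to decrypt or authenticate the media content, and with the abstract, which states that Media Distributors are not trusted with the end-to-end media encryption keys. Open ports are not the threat this framework addresses, so dropping that clause is the right call; the hunk's remaining text should just say what the threat is.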