Sipbrandy Status Pages

SIP Best-practice Recommendations Against Network Dangers to privacY (Active WG)
Art Area: Barry Leiba, Murray Kucherawy | 2016-Jul-01 —  

2020-03-26 charter

SIP Best-practice Recommendations Against Network Dangers to privacY (sipbrandy)


 Current Status: Active

 Chairs:
     Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>
     Gonzalo Salgueiro <gsalguei@cisco.com>

 Applications and Real-Time Area Directors:
     Murray Kucherawy <superuser@gmail.com>
     Barry Leiba <barryleiba@computer.org>

 Applications and Real-Time Area Advisor:
     Murray Kucherawy <superuser@gmail.com>

 Mailing Lists:
     General Discussion: sipbrandy@ietf.org
     To Subscribe:       https://www.ietf.org/mailman/listinfo/sipbrandy
     Archive:            https://mailarchive.ietf.org/arch/browse/sipbrandy/

Description of Working Group:

  SIP with the SDP Offer/Answer model, along with RTP, is widely used in
  modern communications networks. But while secure RTP (SRTP) is available
  to provide integrity and privacy protection to such communication, it is
  rarely used end-to-end. This lack is due to several factors, notably the
  pervasive use of signaling and media intermediaries in such networks and
  the difficulties involved in deployment of strong identity mechanisms
  for SIP. These factors are complicated by the fact that there are
  several incompatible approaches to SRTP key exchange.

  The current situation is unacceptable in the face of pervasive
  monitoring, which RFC 7258 describes as "an attack on privacy". In
  addition, the STIR working group is, at the time of this writing,
  revising RFC 4744 to make strong identity attestations for SIP easier to
  deploy. This gives the IETF an opportunity to define best practices to
  improve privacy protections for users of SIP-based communication, in
  ways that improve upon the status quo.


  The SIPBRANDY working group will define best practices for establishing
  two-party, SIP-signaled SRTP sessions with end-to-end security
  associations, including a single, preferred SRTP key exchange mechanism.
  These practices are expected to be deployable across typical SIP
  networks, without the sharing of SRTP keying material with
  intermediaries or third parties. These practices should protect against
  man-in-the-middle attacks.

  While confidentiality is the first priority of the working group, it may
  work on aligning these practices with WebRTC, for example by defining
  best practices for ensuring recipients of media flows have indicated the
  desire to receive them, in order to prevent or mitigate the denial-of-
  service attack described in RFC 5245, section 18.5.1. Likewise, the WG
  may consider compatibility with aspects of PERC.

  The working group will additionally coordinate with the MMUSIC working
  group to define opportunistic security [RFC 7435] for SIP-signaled media
  sessions for situations where strong protections are not necessary or
  not feasible.


  The working group is not expected to define practices for multi-party
  session topologies, especially those involving media distribution

  The working group is not expected to define new protocols or modify
  existing ones; rather it will define practices for using existing
  protocols. If the working group discovers gaps that require creation or
  modification of protocols, it will forward those gaps to the appropriate
  working groups.

  Inputs and Collaboration:

  The WG will consider draft-peterson-dispatch-rtpsec and
  draft-johnston-dispatch-osrtp as input to the work. The WG is expected
  to collaborate closely with SIPCORE, AVTCORE, STIR, MMUSIC, RTCWEB,
  PERC, and possibly DISPATCH.

Goals and Milestones:
  Mar 2019 - Submit Opportunistic SRTP draft to IESG for consideration as BCP
  Done     - Draft Adoption - Best Practices for end-to-end SRTP
  Done     - Draft Adoption - Best Practices for Opportunistic SRTP
  Done     - Inform MMUSIC or other appropriate WGs of any changes needed to support Opportunistic SRTP (Not expected to be published as an RFC)
  Done     - Submit End-to-End SRTP draft to the IESG for consideration as BCP

Generated from PyHt script /wg/sipbrandy/charters.pyht Latest update: 24 Oct 2012 16:51 GMT