On 5/20/15 3:25 PM, Ben Campbell wrote:
Magnus and Robert: Is there an action implied here? I see that Magnus
agreed that there was an oversight in regards to security, but it's
not clear to me what action (if any) is planned.
I think Magnus was sketching out proposed new text for the document.
Thanks!
Ben.
On 18 May 2015, at 4:38, Magnus Westerlund wrote:
Robert Sparks skrev den 2015-05-14 21:21:
Major issues:
I'm surprised that there is no mention of how SRTP fits into the
vocabulary this
document builds. Would it be a mistake for someone to think of SRTP
as what
this document calls a transformation? Are there any consequences of
using SRTP
on one or more of the streams being associated that impact how you
would
talk about
the association? (There are certainly consequences about which elements
can see
into the various streams).
Yes, encryption is clearly a transformation. And there are cases
where the order of the encryption and other transformations, like
FEC, do matter. Thus, I agree that it is an significant oversight to
not include security.
So SRTP is an Securing / Protection (as it is not only Encryption)
transformation that operates on Source RTP Streams or Redundancy RTP
Streams to create Secured Source RTP Streams or Secured Redundancy
RTP Stream.
If one looks on something like ISMAcrypt that operates on a special
form of packetized encoded streams, i.e. payload created, but not RTP
headers, we get into further distinctions that we so far haven't
needed to have.
I don't know how well we must ensure that something like ISMAcrypt is
clearly defined, because then we do need to split the RTP
packetization transformation into two parts.
Cheers
Magnus Westerlund
----------------------------------------------------------------------
Services, Media and Network features, Ericsson Research EAB/TXM
----------------------------------------------------------------------
Ericsson AB | Phone +46 10 7148287
Färögatan 6 | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@xxxxxxxxxxxx
----------------------------------------------------------------------
_______________________________________________
avtext mailing list
avtext@xxxxxxxx
https://www.ietf.org/mailman/listinfo/avtext