draft-ietf-avtcore-srtp-vbr-audio-01.txt | draft-ietf-avtcore-srtp-vbr-audio-02.txt | |||
---|---|---|---|---|
Network Working Group C. Perkins | Network Working Group C. Perkins | |||
Internet-Draft University of Glasgow | Internet-Draft University of Glasgow | |||
Intended status: BCP JM. Valin | Intended status: BCP JM. Valin | |||
Expires: October 29, 2011 Octasic Inc. | Expires: October 30, 2011 Octasic Inc. | |||
April 27, 2011 | April 28, 2011 | |||
Guidelines for the use of Variable Bit Rate Audio with Secure RTP | Guidelines for the use of Variable Bit Rate Audio with Secure RTP | |||
draft-ietf-avtcore-srtp-vbr-audio-01.txt | draft-ietf-avtcore-srtp-vbr-audio-02.txt | |||
Abstract | Abstract | |||
This memo discusses potential security issues that arise when using | This memo discusses potential security issues that arise when using | |||
variable bit rate audio with the secure RTP profile. Guidelines to | variable bit rate audio with the secure RTP profile. Guidelines to | |||
mitigate these issues are suggested. | mitigate these issues are suggested. | |||
Status of this Memo | Status of this Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on October 29, 2011. | This Internet-Draft will expire on October 30, 2011. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2011 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 6, line 15 ¶ | skipping to change at page 6, line 15 ¶ | |||
6. Security Considerations | 6. Security Considerations | |||
The security considerations of [RFC3711] apply. | The security considerations of [RFC3711] apply. | |||
7. IANA Considerations | 7. IANA Considerations | |||
No IANA actions are required. | No IANA actions are required. | |||
8. Acknowledgements | 8. Acknowledgements | |||
This memo is based on the discussion in [spot-me]. Recent versions | This memo is based on the discussion in [spot-me]. ZRTP [RFC6189] | |||
of ZRTP [I-D.zimmermann-avt-zrtp] contain a similar recommendation; | contain a similar recommendation; the purpose of this memo is to | |||
the purpose of this memo is to highlight these issues to a wider | highlight these issues to a wider audience, since they are not | |||
audience, since they are not specific to ZRTP. Thanks are due to | specific to ZRTP. Thanks are due to Phil Zimmermann, Stefan Doehla, | |||
Phil Zimmermann, Stefan Doehla, Mats Naslund, Gregory Maxwell, David | Mats Naslund, Gregory Maxwell, David McGrew, Mark Baugher, Koen Vos, | |||
McGrew, Mark Baugher, Koen Vos, and Ingemar Johansson for their | and Ingemar Johansson for their comments and feedback on this memo. | |||
comments and feedback on this memo. | ||||
9. References | 9. References | |||
9.1. Normative References | 9.1. Normative References | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
[RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. | [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. | |||
Norrman, "The Secure Real-time Transport Protocol (SRTP)", | Norrman, "The Secure Real-time Transport Protocol (SRTP)", | |||
RFC 3711, March 2004. | RFC 3711, March 2004. | |||
9.2. Informative References | 9.2. Informative References | |||
[I-D.zimmermann-avt-zrtp] | [RFC6189] Zimmermann, P., Johnston, A., and J. Callas, "ZRTP: Media | |||
Zimmermann, P., Johnston, A., and J. Callas, "ZRTP: Media | Path Key Agreement for Unicast Secure RTP", RFC 6189, | |||
Path Key Agreement for Secure RTP", | April 2011. | |||
draft-zimmermann-avt-zrtp-22 (work in progress), | ||||
January 2010. | ||||
[spot-me] Wright, C., Ballard, L., Coull, S., Monrose, F., and G. | [spot-me] Wright, C., Ballard, L., Coull, S., Monrose, F., and G. | |||
Masson, "Spot me if you can: Uncovering spoken phrases in | Masson, "Spot me if you can: Uncovering spoken phrases in | |||
encrypted VoIP conversation", Proceedings of the IEEE | encrypted VoIP conversation", Proceedings of the IEEE | |||
Symposium on Security and Privacy 2008, May 2008. | Symposium on Security and Privacy 2008, May 2008. | |||
Authors' Addresses | Authors' Addresses | |||
Colin Perkins | Colin Perkins | |||
University of Glasgow | University of Glasgow | |||
End of changes. 5 change blocks. | ||||
16 lines changed or deleted | 13 lines changed or added | |||
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |