draft-ietf-avtcore-srtp-vbr-audio-01.txt   draft-ietf-avtcore-srtp-vbr-audio-02.txt 
Network Working Group C. Perkins Network Working Group C. Perkins
Internet-Draft University of Glasgow Internet-Draft University of Glasgow
Intended status: BCP JM. Valin Intended status: BCP JM. Valin
Expires: October 29, 2011 Octasic Inc. Expires: October 30, 2011 Octasic Inc.
April 27, 2011 April 28, 2011
Guidelines for the use of Variable Bit Rate Audio with Secure RTP Guidelines for the use of Variable Bit Rate Audio with Secure RTP
draft-ietf-avtcore-srtp-vbr-audio-01.txt draft-ietf-avtcore-srtp-vbr-audio-02.txt
Abstract Abstract
This memo discusses potential security issues that arise when using This memo discusses potential security issues that arise when using
variable bit rate audio with the secure RTP profile. Guidelines to variable bit rate audio with the secure RTP profile. Guidelines to
mitigate these issues are suggested. mitigate these issues are suggested.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 33 skipping to change at page 1, line 33
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 29, 2011. This Internet-Draft will expire on October 30, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 6, line 15 skipping to change at page 6, line 15
6. Security Considerations 6. Security Considerations
The security considerations of [RFC3711] apply. The security considerations of [RFC3711] apply.
7. IANA Considerations 7. IANA Considerations
No IANA actions are required. No IANA actions are required.
8. Acknowledgements 8. Acknowledgements
This memo is based on the discussion in [spot-me]. Recent versions This memo is based on the discussion in [spot-me]. ZRTP [RFC6189]
of ZRTP [I-D.zimmermann-avt-zrtp] contain a similar recommendation; contain a similar recommendation; the purpose of this memo is to
the purpose of this memo is to highlight these issues to a wider highlight these issues to a wider audience, since they are not
audience, since they are not specific to ZRTP. Thanks are due to specific to ZRTP. Thanks are due to Phil Zimmermann, Stefan Doehla,
Phil Zimmermann, Stefan Doehla, Mats Naslund, Gregory Maxwell, David Mats Naslund, Gregory Maxwell, David McGrew, Mark Baugher, Koen Vos,
McGrew, Mark Baugher, Koen Vos, and Ingemar Johansson for their and Ingemar Johansson for their comments and feedback on this memo.
comments and feedback on this memo.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
Norrman, "The Secure Real-time Transport Protocol (SRTP)", Norrman, "The Secure Real-time Transport Protocol (SRTP)",
RFC 3711, March 2004. RFC 3711, March 2004.
9.2. Informative References 9.2. Informative References
[I-D.zimmermann-avt-zrtp] [RFC6189] Zimmermann, P., Johnston, A., and J. Callas, "ZRTP: Media
Zimmermann, P., Johnston, A., and J. Callas, "ZRTP: Media Path Key Agreement for Unicast Secure RTP", RFC 6189,
Path Key Agreement for Secure RTP", April 2011.
draft-zimmermann-avt-zrtp-22 (work in progress),
January 2010.
[spot-me] Wright, C., Ballard, L., Coull, S., Monrose, F., and G. [spot-me] Wright, C., Ballard, L., Coull, S., Monrose, F., and G.
Masson, "Spot me if you can: Uncovering spoken phrases in Masson, "Spot me if you can: Uncovering spoken phrases in
encrypted VoIP conversation", Proceedings of the IEEE encrypted VoIP conversation", Proceedings of the IEEE
Symposium on Security and Privacy 2008, May 2008. Symposium on Security and Privacy 2008, May 2008.
Authors' Addresses Authors' Addresses
Colin Perkins Colin Perkins
University of Glasgow University of Glasgow
 End of changes. 5 change blocks. 
16 lines changed or deleted 13 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/