draft-ietf-avt-srtp-not-mandatory-09.txt   draft-ietf-avt-srtp-not-mandatory-10.txt 
Network Working Group C. Perkins Network Working Group C. Perkins
Internet-Draft University of Glasgow Internet-Draft University of Glasgow
Intended status: Informational M. Westerlund Intended status: Informational M. Westerlund
Expires: January 17, 2013 Ericsson Expires: April 25, 2013 Ericsson
July 16, 2012 October 22, 2012
Why RTP Does Not Mandate a Single Security Mechanism Securing the RTP Protocol Framework: Why RTP Does Not Mandate a Single
draft-ietf-avt-srtp-not-mandatory-09.txt Media Security Solution
draft-ietf-avt-srtp-not-mandatory-10.txt
Abstract Abstract
This memo discusses the problem of securing real-time multimedia This memo discusses the problem of securing real-time multimedia
sessions, and explains why the Real-time Transport Protocol (RTP), sessions, and explains why the Real-time Transport Protocol (RTP),
and the associated RTP control protocol (RTCP), do not mandate a and the associated RTP control protocol (RTCP), do not mandate a
single media security mechanism. Guidelines for designers and single media security mechanism. Guidelines for designers and
reviewers of future RTP extensions are provided, to ensure that reviewers of future RTP extensions are provided, to ensure that
appropriate security mechanisms are mandated, and that any such appropriate security mechanisms are mandated, and that any such
mechanisms are specified in a manner that conforms with the RTP mechanisms are specified in a manner that conforms with the RTP
skipping to change at page 1, line 38 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 17, 2013. This Internet-Draft will expire on April 25, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 17 skipping to change at page 2, line 18
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. RTP Applications and Deployment Scenarios . . . . . . . . . . . 3 2. RTP Applications and Deployment Scenarios . . . . . . . . . . . 3
3. RTP Media Security . . . . . . . . . . . . . . . . . . . . . . 4 3. RTP Media Security . . . . . . . . . . . . . . . . . . . . . . 4
4. RTP Session Establishment and Key Management . . . . . . . . . 5 4. RTP Session Establishment and Key Management . . . . . . . . . 5
5. On the Requirement for Strong Security in Framework 5. On the Requirement for Strong Security in Framework
protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
6. Security Mechanisms for RTP . . . . . . . . . . . . . . . . . . 6 6. Guidelines for Securing the RTP Protocol Framework . . . . . . 6
7. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . 7 7. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . 7
8. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 8. Security Considerations . . . . . . . . . . . . . . . . . . . . 7
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7
11. Informative References . . . . . . . . . . . . . . . . . . . . 7 11. Informative References . . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
The Real-time Transport Protocol (RTP) [RFC3550] is widely used for The Real-time Transport Protocol (RTP) [RFC3550] is widely used for
voice over IP, Internet television, video conferencing, and other voice over IP, Internet television, video conferencing, and other
real-time and streaming media applications. Despite this use, the real-time and streaming media applications. Despite this use, the
basic RTP specification provides only limited options for media basic RTP specification provides only limited options for media
security, and defines no standard key exchange mechanism. Rather, a security, and defines no standard key exchange mechanism. Rather, a
number of extensions are defined that can provide confidentiality and number of extensions are defined that can provide confidentiality and
authentication of RTP media streams and RTCP control messages. Other authentication of RTP media streams and RTP Control Protocol (RTCP)
mechanisms define key exchange protocols. This memo outlines why it messages. Other mechanisms define key exchange protocols. This memo
is appropriate that multiple extension mechanisms are defined rather outlines why it is appropriate that multiple extension mechanisms are
than mandating a single security and keying mechanism. defined rather than mandating a single security and keying mechanism.
The IETF policy on Strong Security Requirements for IETF Standard The IETF policy on Strong Security Requirements for IETF Standard
Protocols [RFC3365] (the so-called "Danvers Doctrine") states that Protocols [RFC3365] (the so-called "Danvers Doctrine") states that
"we MUST implement strong security in all protocols to provide for "we MUST implement strong security in all protocols to provide for
the all too frequent day when the protocol comes into widespread use the all too frequent day when the protocol comes into widespread use
in the global Internet". The mechanisms defined for use with RTP in the global Internet". The mechanisms defined for use with RTP
allow these requirements to be met. However, since RTP is a protocol allow these requirements to be met. However, since RTP is a protocol
framework that is suitable for a wide variety of use cases, there is framework that is suitable for a wide variety of use cases, there is
no single security mechanism that is suitable for every scenario. no single security mechanism that is suitable for every scenario.
This memo outlines why this is the case, and discusses how users of This memo outlines why this is the case, and discusses how users of
skipping to change at page 4, line 42 skipping to change at page 4, line 42
Secure RTP (SRTP) framework [RFC3711]. This is an application-level Secure RTP (SRTP) framework [RFC3711]. This is an application-level
media security solution, encrypting the media payload data (but not media security solution, encrypting the media payload data (but not
the RTP headers) to provide confidentiality, and supporting source the RTP headers) to provide confidentiality, and supporting source
origin authentication as an option. SRTP was carefully designed to origin authentication as an option. SRTP was carefully designed to
be both low overhead, and to support the group communication and be both low overhead, and to support the group communication and
third-party performance monitoring features of RTP, across a range of third-party performance monitoring features of RTP, across a range of
networks. networks.
SRTP is not the only media security solution in use, however, and SRTP is not the only media security solution in use, however, and
alternatives are more appropriate for some scenarios, and necessary alternatives are more appropriate for some scenarios, and necessary
in some cases where SRTP is not suitable. At present, there is no in some cases where SRTP is not suitable. For example, ISMAcryp
media security protocol that is appropriate for all the environments [ISMACrypt2] provides payload-level confidentiality that is
where RTP is used. Multiple RTP media security protocols can be appropriate for certain types of streaming video application, but
expected to remain in wide use for the forseeable future. that is not suitable for voice telephony (the range of available RTP
security options, and their applicability to different scenarios, is
The range of available RTP security options, and their applicability, outlined in [I-D.ietf-avtcore-rtp-security-options]). At present,
are described in [I-D.ietf-avtcore-rtp-security-options]. there is no media security protocol that is appropriate for all the
environments where RTP is used. Multiple RTP media security
protocols can be expected to remain in wide use for the foreseeable
future.
4. RTP Session Establishment and Key Management 4. RTP Session Establishment and Key Management
A range of different protocols for RTP session establishment and key A range of different protocols for RTP session establishment and key
exchange exist, matching the diverse range of use cases for the RTP exchange exist, matching the diverse range of use cases for the RTP
framework. These mechanisms can be split into two categories: those framework. These mechanisms can be split into two categories: those
that operate in-band on the media path, and those that are out-of- that operate in-band on the media path, and those that are out-of-
band and operate as part of the session establishment signalling band and operate as part of the session establishment signalling
channel. The requirements for these two classes of solution are channel. The requirements for these two classes of solution are
different, and a wide range of solutions have been developed in this different, and a wide range of solutions have been developed in this
skipping to change at page 6, line 25 skipping to change at page 6, line 29
security mechanism for a specific class of applications, one has to security mechanism for a specific class of applications, one has to
consider what security building blocks need to be supported. To consider what security building blocks need to be supported. To
maximize interoperability it is important that common media security maximize interoperability it is important that common media security
and key management mechanisms are defined for classes of application and key management mechanisms are defined for classes of application
with similar requirements. The IETF needs to participate in this with similar requirements. The IETF needs to participate in this
selection of security building blocks for each class of applications selection of security building blocks for each class of applications
that use the protocol framework and are expected to interoperate that use the protocol framework and are expected to interoperate
where IETF has the appropriate knowledge of the class of where IETF has the appropriate knowledge of the class of
applications. applications.
6. Security Mechanisms for RTP 6. Guidelines for Securing the RTP Protocol Framework
RTP is a framework protocol, so the arguments in in Section 5 apply. RTP is a framework protocol, so the arguments in in Section 5 apply.
The security building blocks available for RTP at the time of this The security building blocks available for RTP at the time of this
writing are described in [I-D.ietf-avtcore-rtp-security-options]. writing are described in [I-D.ietf-avtcore-rtp-security-options].
That memo also gives examples of how those security building blocks That memo also gives examples of how those security building blocks
can be combined to give mandatory to implement security for some RTP can be combined to give mandatory to implement security for some RTP
application scenarios. application scenarios.
RTP can be extended in different ways. Two important extension RTP can be extended in different ways. Two important extension
points are RTP Payload Formats and RTP Profiles. An RTP Payload points are RTP Payload Formats and RTP Profiles. An RTP Payload
skipping to change at page 7, line 9 skipping to change at page 7, line 13
security options and building blocks. In other cases, though, an RTP security options and building blocks. In other cases, though, an RTP
profile is applicable to such a wide range of applications that it profile is applicable to such a wide range of applications that it
would not make sense for that profile to mandate particular security would not make sense for that profile to mandate particular security
building blocks be used. Any new RTP profile ought to discuss if it building blocks be used. Any new RTP profile ought to discuss if it
makes sense to mandate particular security building blocks be used makes sense to mandate particular security building blocks be used
with implementations of that profile, but without the expectation with implementations of that profile, but without the expectation
that all RTP profiles will mandate particular security solutions. that all RTP profiles will mandate particular security solutions.
7. Conclusions 7. Conclusions
RTP is used in a wide range of scenarios, without comon security The RTP framework is used in a wide range of different scenarios,
requirements. Accordingly, a single security solution cannot be with no common security requirements. Accordingly, neither SRTP
mandated for all scenarios. In the absence of such a solution, it is [RFC3711], nor any other single media security solution or keying
hoped that this memo explains why SRTP is not mandatory as the media mechanism, can be mandated for all uses of RTP. In the absence of a
security solution for RTP-based systems, and why we can expect single common security solution, it is important to consider what
multiple key management solutions for systems using RTP. mechanisms can be used to provide strong and interoperable security
for each different scenario where RTP applications are used. This
It is important consider how strong and interoperable security can be will require analysis of each class of application to determine the
offered for every scenario in which RTP applications are used, and security requirements for the scenarios in which they are to be used,
for every class of RTP applications. This will require analysis to followed by the selection of a mandatory to implement security
determine the security requirements, followed by the selection of a building blocks for that class of application, including the desired
mandatory to implement security building blocks for that class of RTP traffic protection and key-management. A non-exhaustive list of
application, including the desired RTP traffic protection and key- the RTP security options available at the time of this writing is
management. Commonality of security mechanisms is desirable, where outlined in [I-D.ietf-avtcore-rtp-security-options]. It is expected
appropriate. that each class of application will be supported by a memo describing
what security options are mandatory to implement for that usage
scenario.
8. Security Considerations 8. Security Considerations
This entire memo is about security. This entire memo is about security.
9. IANA Considerations 9. IANA Considerations
None. None.
10. Acknowledgements 10. Acknowledgements
Thanks to Ralph Blom, Hannes Tschofenig, Dan York, Alfred Hoenes, Thanks to Ralph Blom, Hannes Tschofenig, Dan York, Alfred Hoenes,
Martin Ellis, Ali Begen, and Keith Drage for their feedback. Martin Ellis, Ali Begen, Keith Drage, and Ray van Brandenburg for
their feedback.
11. Informative References 11. Informative References
[I-D.ietf-avtcore-rtp-security-options] [I-D.ietf-avtcore-rtp-security-options]
Westerlund, M. and C. Perkins, "Options for Securing RTP Westerlund, M. and C. Perkins, "Options for Securing RTP
Sessions", draft-ietf-avtcore-rtp-security-options-00 Sessions", draft-ietf-avtcore-rtp-security-options-00
(work in progress), July 2012. (work in progress), July 2012.
[ISMACrypt2]
"ISMA Encryption and Authentication, Version 2.0 release
version", November 2007.
[MBMS] 3GPP, "Multimedia Broadcast/Multicast Service (MBMS); [MBMS] 3GPP, "Multimedia Broadcast/Multicast Service (MBMS);
Protocols and codecs TS 26.346". Protocols and codecs TS 26.346".
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980. August 1980.
[RFC0793] Postel, J., "Transmission Control Protocol", STD 7, [RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
RFC 793, September 1981. RFC 793, September 1981.
[RFC3365] Schiller, J., "Strong Security Requirements for Internet [RFC3365] Schiller, J., "Strong Security Requirements for Internet
 End of changes. 11 change blocks. 
35 lines changed or deleted 46 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/