[AVT] a comment about SRTP & NATs
The SRTP spec (draft-ietf-avt-srtp-04.txt) says (section 3.1.3):
"
A cryptographic context SHALL be uniquely identified by the triplet
context identifier:
context id = <SSRC, destination network address, destination
transport port number>
where the destination network address and the destination transport
port are the ones in the current RTP packet (for the sender) or SRTP
packet (for the receiver). It is assumed that, when presented with
this information, the key management returns a context with the
information as described in Section 3.1.
"
But this is not absolutely clear in case of NAT(s) en route.
I think it would be better to say that the SRTP cryptographic context is SSRC and
destination address/port *as sent from the sender*
(since it can be changed en route by NATs).
One then has to assume that the receiver is aware of *this*
"sender-side" address/port (via STUN, for example),
since it is a sine qua non condition for RTP anyway,
and then the receiver can use this info with the key management
to retrieve the correct context.
Regards,
Philippe Gentric
Software Architect
Philips MP4Net
philippe.gentric@philips.com
http://www.mpeg-4.philips.com
_______________________________________________
Audio/Video Transport Working Group
avt@ietf.org
https://www1.ietf.org/mailman/listinfo/avt
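
Added example, not part of the original message or of the SRTP draft: a toy context table keyed by the triplet quoted above, showing a receiver-side lookup that misses once a NAT rewrites the destination and succeeds when the receiver maps its local address back to the sender-side one. All names, addresses and the `ctx-A` label are constructed, and the local-to-sender-side mapping is assumed to have been learned out of band (the message suggests STUN).

```python
from typing import Dict, NamedTuple, Optional, Tuple

Addr = Tuple[str, int]

class ContextId(NamedTuple):
    ssrc: int
    dst_addr: str
    dst_port: int

class ContextStore:
    """Stand-in for key management: context id -> crypto context (a label here)."""
    def __init__(self) -> None:
        self._table: Dict[ContextId, str] = {}
    def install(self, cid: ContextId, context: str) -> None:
        self._table[cid] = context
    def lookup(self, cid: ContextId) -> Optional[str]:
        return self._table.get(cid)

def nat_rewrite(packet: dict, mapping: Dict[Addr, Addr]) -> dict:
    """Rewrite the destination as an inbound NAT would; unmapped packets pass through."""
    dst = (packet["dst_addr"], packet["dst_port"])
    addr, port = mapping.get(dst, dst)
    return {**packet, "dst_addr": addr, "dst_port": port}

def lookup_as_received(store: ContextStore, packet: dict) -> Optional[str]:
    """Key on the destination seen in the received SRTP packet."""
    return store.lookup(ContextId(packet["ssrc"], packet["dst_addr"], packet["dst_port"]))

def lookup_sender_side(store: ContextStore, packet: dict,
                       local_to_sender_side: Dict[Addr, Addr]) -> Optional[str]:
    """Key on the destination as the sender addressed it (mapping is an assumption)."""
    dst = (packet["dst_addr"], packet["dst_port"])
    addr, port = local_to_sender_side.get(dst, dst)
    return store.lookup(ContextId(packet["ssrc"], addr, port))

# Constructed sample values (documentation/private address ranges).
SSRC = 0xDECAFBAD
SENDER_SIDE: Addr = ("203.0.113.7", 40000)   # destination the sender puts in the packet
LOCAL: Addr = ("192.168.1.20", 5004)         # destination the receiver sees behind the NAT

def demo(nat_map: Dict[Addr, Addr]) -> Tuple[Optional[str], Optional[str]]:
    store = ContextStore()
    store.install(ContextId(SSRC, *SENDER_SIDE), "ctx-A")  # installed under sender's view
    sent = {"ssrc": SSRC, "dst_addr": SENDER_SIDE[0], "dst_port": SENDER_SIDE[1]}
    received = nat_rewrite(sent, nat_map)
    return (lookup_as_received(store, received),
            lookup_sender_side(store, received, {LOCAL: SENDER_SIDE}))

if __name__ == "__main__":
    print("with NAT:", demo({SENDER_SIDE: LOCAL}))
    print("no NAT:  ", demo({}))
```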