
Re: [AVT] a comment about SRTP & NATs




OK,

That it will work I was suspecting, I am fully satisfied now.

I also agree it does not need to reference STUN,
nor any detailed consideration on FW/NAT traversal;
still:
 is not the sentence weirdly formulated ?

again:

<quote>
"A cryptographic context SHALL be uniquely identified by the triplet context identifier:
context id = <SSRC, destination network address, destination transport port number>
where the destination network address and the destination
transport port are the ones in the current RTP packet (for the sender)"
</quote>

Not only does it *not* say that the client and the server may need to maintain a *different* one
(triplet) *and* identify that they correspond to each other
but it says "uniquely" at a distance of approximately 4 ASCII characters from an
RFC2119 capitalized key word ...

so IMHO the sentence is either too elusive or too precise !
(or is it my English playing tricks on me again ;?)

...

Unless of course you accept the idea that you would end up with the need
to later redefine that "uniquely" -in the context of SRTP-
actually signifies that every IP device on the planet has its own ?-)


regards,


Philippe Gentric
Software Architect
Philips MP4Net
philippe.gentric@philips.com
http://www.mpeg-4.philips.com


From: Mark Baugher <mbaugher@cisco.com>
To: Jonathan Rosenberg <jdrosen@dynamicsoft.com>
cc: Philippe Gentric/MP4-SUR/CE/PHILIPS@EMEA1, avt@ietf.org
Date: 07/06/2002 17:39
Subject: Re: [AVT] a comment about SRTP & NATs




At 11:02 AM 6/7/2002 -0400, Jonathan Rosenberg wrote:




>Yes. Let me be more clear. The destination address and port are not
>present in the packet anywhere else but in the destination address and
>port fields (for example, within the body of the RTP packet or something).
>If the addresses were placed elsewhere, or used as inputs to a hash, we
>would have problems. However, it does not seem to be the case.

You're right.  SRTP does not put addresses in RTP packets
and does not use IP addresses nor ports in its message
authentication hash.

Mark


>-Jonathan R.
>
>
>
>--
>Jonathan D. Rosenberg, Ph.D.            72 Eagle Rock Avenue
>Chief Scientist                         First Floor
>dynamicsoft                             East Hanover, NJ 07936
>jdrosen@dynamicsoft.com                 FAX: (973) 952-5050
>http://www.jdrosen.net                  PH:  (973) 952-5000
>http://www.dynamicsoft.com
>
>
>_______________________________________________
>Audio/Video Transport Working Group
>avt@ietf.org
>https://www1.ietf.org/mailman/listinfo/avt
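
The two points discussed in this thread, as an added example that is not part of the original messages or of any SRTP implementation: the context triplet differs on each side of a NAT, while the authentication tag still verifies because it covers only the RTP packet and the rollover counter. It assumes the HMAC-SHA1 tag truncated to 80 bits as later published in RFC 3711; the key, addresses, SSRC and helper names are constructed for illustration, and encryption and key derivation are omitted.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10  # 80-bit truncated HMAC-SHA1 tag (RFC 3711 default, assumed here)

def rtp_packet(ssrc, seq, timestamp, payload, payload_type=0):
    # 12-byte fixed RTP header: V=2, no padding, no extension, no CSRCs.
    return struct.pack("!BBHII", 0x80, payload_type, seq, timestamp, ssrc) + payload

def auth_tag(auth_key, packet, roc):
    # Tag input is the RTP packet followed by the 32-bit rollover counter.
    # No IP address or UDP port is part of the input.
    mac = hmac.new(auth_key, packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]

def context_id(ssrc, dst_addr, dst_port):
    # The triplet from the quoted draft text, as seen by one endpoint.
    return (ssrc, dst_addr, dst_port)

def nat_rewrite(datagram, new_dst):
    # Hypothetical NAT: rewrites only the destination, never the UDP payload.
    return {"dst": new_dst, "udp_payload": datagram["udp_payload"]}

def verify(auth_key, udp_payload, roc):
    body, tag = udp_payload[:-TAG_LEN], udp_payload[-TAG_LEN:]
    return hmac.compare_digest(auth_tag(auth_key, body, roc), tag)

def demo():
    key = b"\x0b" * 20                      # constructed session auth key
    ssrc = 0xDECAFBAD                       # constructed SSRC
    pkt = rtp_packet(ssrc, seq=1, timestamp=160, payload=b"constructed payload")
    sent = {"dst": ("203.0.113.7", 40000),  # public address the sender targets
            "udp_payload": pkt + auth_tag(key, pkt, roc=0)}
    received = nat_rewrite(sent, ("192.168.1.20", 5004))  # private address behind NAT

    sender_ctx = context_id(ssrc, *sent["dst"])
    rx_ssrc = struct.unpack("!I", received["udp_payload"][8:12])[0]
    receiver_ctx = context_id(rx_ssrc, *received["dst"])
    return sender_ctx, receiver_ctx, verify(key, received["udp_payload"], roc=0)

if __name__ == "__main__":
    s, r, ok = demo()
    print("sender context:  ", s)
    print("receiver context:", r)
    print("tag verifies after NAT:", ok)
```
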





