RE: [AVT] Key management in SRTP

["Elisabetta Carrara (EAB)" <Elisabetta.Carrara@era.ericsson.se>]

Hi!
see answers below

>-----Original Message-----
>From: BUYCK Jacky FTRD/DMI/CAE [mailto:jacky.buyck@rd.francetelecom.com]
>Sent: den 8 oktober 2002 15:30
>To: avt@ietf.org
>Cc: mbaugher@cisco.com; rolf.blom@era.ericsson.se; elisabetta.carrara@era.ericsson.se
>Subject: [AVT] Key management in SRTP



>Hi all. 
>I'm looking on the way to secure RTP / RTCP sessions and 
>I've found the SRTP Draft. 
>I've read it but I still have a problem with one point that 
>don't seem to be clear for me. 
>I've understand how session's keys are generate and how all 
>the mechanisms of encryption and signature 

There is no signatures in SRTP, only a message authentication tag 
for integrity protection

>are performs but I don't understand HOW initial masters keys 
>are exchange ?
>Nowhere in the SRTP draft is specify key exchange protocols 
>or something like this. Or I've  not see an important part in the draft.

You are correct, SRTP is decoupled from key management protocols.
In principle, you can use the key management you want. 

>Does it rely on external protocol like SIP / SAP / SDP ?

"no", see below.

>Or is there a key exchange mechanism in the SRTP protocol ? 

no, SRTP is a security protocol.
In the back you need a key management, but SRTP does not define it.

Up to now, the MIKEY protocol (MSEC WG) supports SRTP, and MIKEY
can be piggybacked in SIP/RTSP (work in progress in the MMUSIC WG).
There is also a recent draft by Mark Baugher, still in the MMUSIC WG,
that exchanges keys and parameters in SDP, but is not a key management
protocol and needs some other security in the back.

Cheers
/Elisabetta




_______________________________________________
Audio/Video Transport Working Group
avt@ietf.org
https://www1.ietf.org/mailman/listinfo/avt