--- Begin Message ---
David hi and thanks a lot
as far as I understand, the key exchange protocol provides you with the <from, to> value.
so ,does the key exchange give you a bunch of <from, to> values and their corresponding keys.
another question, does this apply also to the MKI implementation, i.e. the key exchange provides you with a list of MKIs and their corresponding keys.
it is also not totally clear to me whether the sender triggers the re-keying or should it be triggered in the key exchange protocol, and the sender should just enforce it
"David A. McGrew" <mcgrew@cisco.com> wrote:
Tal,
On May 9, 2004, at 2:03 AM, tal shahar wrote:
> hi
> in 3.2.1. Transform-independent parameters
> 1. the RFC states that the cryptographic context should hold the the
> master key(s)
> assuming I wish to have SRTP and SRTCP sharing the same master key,
> what is the situation where I have more than one key
if I understand right, you are wondering why the "(s)" appears in the
quote from the RFC. This is because there might be multiple master
keys, each of which is used for a particular range of the packet index
(that is, the 48-bit integer that is the concatenation of the ROC and
the sequence number). libSRTP does not support this facility, and I
expect that the vast majority of users won't miss it.
> 2. if I have only one master key, why do I need to hold the MKI
You do!
n't,
though you might need to store the fact that you are not
using an MKI. libSRTP does not support MKIs as of yet. I don't think
that it would be hard to add this feature.
David
>
> thanks a lot
> tal
>
> Do you Yahoo!?
> Win a $20,000 Career Makeover at Yahoo! HotJobs
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs --- End Message ---