Re: [AVT] SRTP Question
Hi Mark,
thanks for your comments.
Yes, you are right, it might not hit us soon, it was more a
question of completeness. Nevertheless, there might be scenarios
where one of the participants chooses just a small interval
<From, To> and uses video and audio, this condition may occur.
Anyway, your answer suggests exactly what I was thinking.
Ciao
Steffen
Date sent: Sat, 17 Jul 2004 12:29:59 -0700
To: steffen.fries at siemens.com
From: Mark Baugher <mbaugher at cisco.com>
Subject: Re: [AVT] SRTP Question
Copies to: avt at ietf.org
> At 08:05 AM 7/16/2004, Steffen Fries wrote:
> >Hi,
> >
> >I've got another question to SRTP ;-)
> >
> >Within RFC3711 it is mentioned in section 3.3.1:
> >"... After that number of SRTP packets have been sent
> >with a given (master or session) key, the sender MUST NOT send
> >any more packets with that key. ..."
> >
> >Further, section 8.1.1 reads:
> >"... The default values for the <From, To> are "from the first
> >observed packet" and "until further notice". However, the
> >maximum limit of SRTP/SRTCP packets that are sent under each
> >given master/session key (Section 9.2) MUST NOT be exceeded...."
> >
> >Does this mean, that both sender and receiver have to ensure,
> >that the maximum number of packets encrypted with the same key
> >is not exceeded? If yes, is the recommendation, that the
> >receiver discards the packets that are received after the key
> >usage has reached the maximum limit?
>
> This probably should have been spelled out in RFC 3711 because there
> are a number of alternative actions such as discard the packets, stop
> receiving the stream in the case of multicast, leave the session
> regardless of how many senders are securely sending when one sender
> violates the key lifetime.
>
> I would say that the session is no longer secure and the receiver
> should leave the session and log the condition.
>
> Thankfully, this is a very unlikely event in the foreseeable future.
>
> Mark
>
>
> >Ciao
> > Steffen
> >
> >
> >
> >_______________________________________________
> >Audio/Video Transport Working Group
> >avt at ietf.org
> >https://www1.ietf.org/mailman/listinfo/avt
>
>
>
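The behaviour discussed in this thread, as an added example that is not part of the original messages and not taken from any SRTP implementation: a per-key usage counter that stops the sender at the key lifetime and lets a receiver log the violation and leave the session. The class and exception names are hypothetical, and keeping one counter per key and direction is an assumption; the limits are those of RFC 3711 section 9.2.

```python
import logging
from dataclasses import dataclass

log = logging.getLogger("srtp.keylife")

# RFC 3711 section 9.2 limits per master key.
MAX_SRTP_PACKETS = 2**48
MAX_SRTCP_PACKETS = 2**31


class KeyLifetimeExceeded(Exception):
    """Sender side: this key MUST NOT protect another packet."""


class SessionInsecure(Exception):
    """Receiver side: a peer is still using a key past its lifetime."""


@dataclass
class KeyUsage:
    """Per-key, per-direction counter (hypothetical helper, not a libsrtp API)."""
    key_id: str                      # constructed label, e.g. an MKI value
    limit: int = MAX_SRTP_PACKETS    # local policy may set this lower
    from_index: int = 0              # <From, To> as 48-bit packet indices
    to_index: int = 2**48 - 1
    used: int = 0

    def exhausted(self, index: int) -> bool:
        outside = not (self.from_index <= index <= self.to_index)
        return outside or self.used >= self.limit

    def authorize_send(self, index: int) -> None:
        """Call before protecting a packet; re-key when this raises."""
        if self.exhausted(index):
            raise KeyLifetimeExceeded(self.key_id)
        self.used += 1

    def account_receive(self, index: int, ssrc: int) -> None:
        """Call only after the packet passed authentication and replay checks."""
        if self.exhausted(index):
            log.warning("key %s past lifetime: ssrc=%#x index=%d used=%d; leaving session",
                        self.key_id, ssrc, index, self.used)
            raise SessionInsecure(self.key_id)
        self.used += 1
```

Because of packet loss the receiver's count is only a lower bound on what the sender has protected, so the receiver-side check catches a violation late rather than early.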