
Re: [AVT] SSRC to DTLS-SRTP mapping



On 19 Feb 2008, at 17:21, Dan Wing wrote:
...
> However, I am worried about an attack flooding a device and causing  
> the device to perform SHA1 operations, when it seems we could  
> communicate the SSRC in the DTLS exchange (handshake or separate  
> message), and/or use source address verification to help protect  
> devices from such an attack.
>
> If it's only me that has this concern, I will sit back down in my  
> chair.

I see the concern, but I think this has to work in the general case,  
without signalling support (except the DTLS handshake). I have no  
problem with there being optimisations possible in those cases where  
the SSRC to host/port pair mapping can be signalled out of band  
though, since there will certainly be scenarios where that's possible.

-- 
Colin Perkins
http://csperkins.org/

_______________________________________________
Audio/Video Transport Working Group
avt at ietf.org
http://www.ietf.org/mailman/listinfo/avt