[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt

To: "Ingemar Johansson S" <ingemar.s.johansson at ericsson.com>
Subject: Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
From: Randell Jesup <rjesup at wgate.com>
Date: Sun, 16 Nov 2008 10:14:59 -0500
Cc: Ye-Kui.Wang at nokia.com, avt at ietf.org
Delivered-to: ietfarch-avt-web-archive at core3.amsl.com
Delivered-to: avt at core3.amsl.com
In-reply-to: <026F8EEDAD2C4342A993203088C1FC0508C203B6 at esealmw109.eemea.ericsson.se> (Ingemar Johansson S.'s message of "Sun, 16 Nov 2008 13:27:00 +0100")
List-archive: <http://www.ietf.org/pipermail/avt>
List-help: <mailto:avt-request@ietf.org?subject=help>
List-id: Audio/Video Transport Working Group <avt.ietf.org>
List-post: <mailto:avt@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
References: <026F8EEDAD2C4342A993203088C1FC0508BF251C at esealmw109.eemea.ericsson.se> <44C96BEE548AC8429828A376231503470149232D at vaebe101.NOE.Nokia.com> <ybuy6znjw82.fsf at jesup.eng.wgate.com> <026F8EEDAD2C4342A993203088C1FC0508C1F956 at esealmw109.eemea.ericsson.se> <ybu7i76gvwm.fsf at jesup.eng.wgate.com> <026F8EEDAD2C4342A993203088C1FC0508C203B6 at esealmw109.eemea.ericsson.se>
Reply-to: Randell Jesup <rjesup at wgate.com>
Sender: avt-bounces at ietf.org
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

"Ingemar Johansson S" <ingemar.s.johansson at ericsson.com> writes:
>> >> What if an intermediary deletes the header extension?  (SBC, B2BUA,
>> >> raw message store, etc).
>> >There is of course a risk that this may happen.  However I am curious
>> >as to what extent this may actually happen as it would also cause the
>> >authentication to fail in case SRTP is used.
>> 
>> SRTP doesn't use header extensions.  (I think ZRTP was doing 
>> so, but I don't know if they kept that or if there were 
>> alternatives, and I think ZRTP just would consider that a 
>> case where the channel couldn't be secured if there's no 
>> alternative channel (RTCP?) for key exchange.)

>Maybe I misunderstand things here but..Tried to read through RFC3711 but
>I failed to find anything that metions something like that SRTP
>precludes the use of header extensions. It is correct that the header
>exension is sent as open information but I don't see this as an issue as
>long as the information in the header extension does not reveal any
>encrypted information. 

Header extensions are fine with SRTP (I've used them)>  You said:

   However I am curious as to what extent this may actually happen as it
   would also cause the authentication to fail in case SRTP is used.

You're correct that an SBC/B2BUA/etc can't just delete anything from an
SRTP packet (as you know).  (Extensions are authenticated but not
encrypted, so sensitive information cannot be transmitted in them.)  A
B2BUA typically would need to decrypt and re-encrypt anyways, and an SBC
might be able to depending on the key and encryption setup.  (For example,
if it's SIP-over-TLS with sdesc, then the SBC probably has access to the
encryption keys.)

However, quite a few SBC's/etc pretty much ignore SRTP and treat it like
RTP.  Also, using either best-effort-srtp methods or cap-neg drafts, the
SBC might not even be aware that the stream is an SRTP stream.

I worry most about things like Asterisk, which is a pseudo-B2BUA.  I
suspect strongly it doesn't pass-through header extensions.

>> The scheduling issues may mean that these extensions don't 
>> get transmitted for a while, but another issue is that the 
>> inserters of the extensions aren't always coordinated -- 
>> witness ZRTP which in the current implementation acts as a 
>> wrapper layer - if the main RTP stack adds an extension, that 
>> means that ZRTP can't use that packet for an extension.
>> This should be ok, and ZRTP has to account for this 
>> possibility (as well as packet loss).

>I believe that for cases like SVC and G.718 it should be possible to
>synchronize the transmission of "alignment-info" as the layers after all
>stem from the same encoder and it is probably in these cases that the
>need to ensure perfect alignment is the biggest (for audio codecs it
>must match to the sample) 

My point was that you can't synchronize with the prototypical ZRTP
implementation, since that occurs downstream of the encoder and main
application, in a black box (pseudo-proxy), so you have to leave enough
slots open for applications like that.

-- 
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
"The fetters imposed on liberty at home have ever been forged out of the weapons
provided for defence against real, pretended, or imaginary dangers from abroad."
		- James Madison, 4th US president (1751-1836)

_______________________________________________
Audio/Video Transport Working Group
avt at ietf.org
https://www.ietf.org/mailman/listinfo/avt

References:
- Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
  - From: Ingemar Johansson S
- Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
  - From: Ye-Kui.Wang
- Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
  - From: Randell Jesup
- Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
  - From: Ingemar Johansson S
- Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
  - From: Randell Jesup
- Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
  - From: Ingemar Johansson S

Prev by Date: [AVT] Presentation for Minneapolis - reminder
Next by Date: Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
Previous by thread: Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
Next by thread: Re: [AVT] draft-schierl-avt-rtp-multi-session-transmission-00.txt
Index(es):
- Date
- Thread