[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[AVT] draft-perkins-avt-srtp-vbr-audio-00

To: Colin Perkins <csp at csperkins.org>
Subject: [AVT] draft-perkins-avt-srtp-vbr-audio-00
From: David McGrew <mcgrew at cisco.com>
Date: Sun, 8 Mar 2009 17:19:47 -0700
Authentication-results: sj-dkim-4; header.From=mcgrew at cisco.com; dkim=pass ( sig from cisco.com/sjdkim4002 verified; );
Cc: AVT WG <avt at ietf.org>
Delivered-to: avt at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=1232; t=1236557989; x=1237421989; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mcgrew at cisco.com; z=From:=20David=20McGrew=20<mcgrew at cisco.com> |Subject:=20draft-perkins-avt-srtp-vbr-audio-00 |Sender:=20; bh=2vSRCftvU3mf3MB0muDxpLb2oIb9FXdpgO2hYDQ6Qk8=; b=n/rI2cb+nxbuCYcljWp5zkuwM37QBFBYW3ZYTV8lrmKKH+8VS99oHiVADN SH4mPKv0T+ecM6V/wEcbXQFl5Ci5kPJz/5aV1tt8uKBZ66PtlQ6nDdbLZm8T 1vi8pfGzoi;
List-archive: <http://www.ietf.org/mail-archive/web/avt>
List-help: <mailto:avt-request@ietf.org?subject=help>
List-id: Audio/Video Transport Working Group <avt.ietf.org>
List-post: <mailto:avt@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>

Hi Colin,

thanks for writing this draft, it provides guidance on an importantissue.

I think we should consider using the RTP padding facility with SRTPand VBR codecs. It is "legal" according to RFC 3711, and it couldprovide significant security advantages. The security concerns withthe interaction between padding and encryption that are mentioned inRFC 3711 would not apply if message authentication were in use, and wecould include this in the recommendation. (Here I'm revisitingSection 7 of [V02] from RFC 3711, which is online at http://lasecwww.epfl.ch/pub/lasec/doc/Vau02a.ps)I offer to help look into the security more if it seems desirableto use SRTP with VBRs. (It might be desirable for interoperabilityreasons, even if padding was used to hide VBR lengths; at least that'smy thinking.)

One consideration is that the maximum padding that can be added withthe RTP padding facility is 255 bytes, and depending on the VBR codec,that might not be enough for security.

I think that we're up against some theoretical limits here, in that wehave to choose between compression efficiency, latency, andconfidentiality.


best regards,

David

Prev by Date: [AVT] New Version Notification for draft-peilin-avt-rtp-burst-01
Next by Date: [AVT] I-D Action:draft-ietf-avt-rfc3189bis-02.txt
Previous by thread: [AVT] New Version Notification for draft-peilin-avt-rtp-burst-01
Next by thread: [AVT] I-D Action:draft-ietf-avt-rfc3189bis-02.txt
Index(es):
- Date
- Thread