
Re: [AVT] SRTP store-and-forward



Hi Eric,

My experience is that secure email is becoming of more and more interest for enterprises and government authorities. Such organizations already invest in the infrastructure needed to enable handling of user certificates and other types of user credentials for secure access and communication. I also expect that in the future, secure email will be used more and more by the general public for privacy reasons. Look, e.g., at the success of PGP.

/Rolf



Eric Rescorla wrote:
>> When you refer to MIKEY-RSA having some mechanism to acquire such
>> information (shared key / certificate) I believe you refer to
>> MIKEY-RSA-R. In MIKEY-RSA-R the initiator attaches his certificate in
>> the first message and the responder uses it to return the key to be
>> used. This works well when there is an on-line connection between the
>> two but wouldn't work for SRTP Store-and-Forward applications. Here
>> we must rely on either predistributed keys or certificates or that keys
>> or certificates can be acquired from an online third party. As I said
>> before this situation is exactly as for secure email. And secure email
>> is used!
>
> I would say extraordinarily rarely. Indeed, this is precisely one
> of the challenges that led to RTPSEC.
>
> -Ekr


  

-- 
Rolf Blom, Ph.D. Expert, Mobile Communications Security, Ericsson Research
Postal address: Ericsson AB, SE-164 80 STOCKHOLM, Sweden
Tel: +46 10 713 17 07,  GSM: +46 70 757 2092,  Fax: +46 8 757 01 35

