draft-ietf-sipbrandy-rtpsec-04.txt   draft-ietf-sipbrandy-rtpsec-05.txt 
Network Working Group J. Peterson Network Working Group J. Peterson
Internet-Draft Neustar Internet-Draft Neustar
Intended status: Best Current Practice E. Rescorla Intended status: Best Current Practice R. Barnes
Expires: November 2, 2018 Mozilla Expires: April 15, 2019 Mozilla
R. Barnes
Cisco
R. Housley R. Housley
Vigil Security Vigil Security
May 1, 2018 October 12, 2018
Best Practices for Securing RTP Media Signaled with SIP Best Practices for Securing RTP Media Signaled with SIP
draft-ietf-sipbrandy-rtpsec-04.txt draft-ietf-sipbrandy-rtpsec-05
Abstract Abstract
Although the Session Initiation Protocol (SIP) includes a suite of Although the Session Initiation Protocol (SIP) includes a suite of
security services that has been expanded by numerous specifications security services that has been expanded by numerous specifications
over the years, there is no single place that explains how to use SIP over the years, there is no single place that explains how to use SIP
to establish confidential media sessions. Additionally, existing to establish confidential media sessions. Additionally, existing
mechanisms have some feature gaps that need to be identified and mechanisms have some feature gaps that need to be identified and
resolved in order for them to address the pervasive monitoring threat resolved in order for them to address the pervasive monitoring threat
model. This specification describes best practices for negotiating model. This specification describes best practices for negotiating
skipping to change at page 1, line 44 skipping to change at page 1, line 42
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 2, 2018. This Internet-Draft will expire on April 15, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 11, line 7 skipping to change at page 11, line 7
Section 4.4. Section 4.4.
Implementations MUST support DTLS-SRTP for key-management, as Implementations MUST support DTLS-SRTP for key-management, as
described in Section 5. described in Section 5.
Implementations MUST support the ICE, and the STUN consent freshness Implementations MUST support the ICE, and the STUN consent freshness
mechanism, as specified in Section 7. mechanism, as specified in Section 7.
9. Acknowledgments 9. Acknowledgments
We would like to thank Adam Roach, Andrew Hutton, and Ben Campbell We would like to thank Eric Rescorla, Adam Roach, Andrew Hutton, and
for contributions to this problem statement and framework. Ben Campbell for contributions to this problem statement and
framework.
10. IANA Considerations 10. IANA Considerations
This specification defines a new values for the PASSporT Type This specification defines a new values for the PASSporT Type
registry called "msec," and the IANA is requested to add that to the registry called "msec," and the IANA is requested to add that to the
registry with a value pointing to [RFCThis]. registry with a value pointing to [RFCThis].
11. Security Considerations 11. Security Considerations
This document describes the security features that provide media This document describes the security features that provide media
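Review bot: the IANA Considerations paragraph in this region still reads "defines a new values for the PASSporT Type registry" in both the -04 and -05 columns. Since -05 already rewrites the neighbouring Acknowledgments paragraph, correct the number agreement to "a new value" in the same revision. The unchanged requirement "MUST support the ICE, and the STUN consent freshness mechanism" also carries a stray article and comma; "MUST support ICE and the STUN consent freshness mechanism" reads cleanly and leaves no doubt that both items fall under the single MUST.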
skipping to change at page 14, line 13 skipping to change at page 14, line 13
telephone-01 (work in progress), October 2017. telephone-01 (work in progress), October 2017.
[I-D.ietf-ice-rfc5245bis] [I-D.ietf-ice-rfc5245bis]
Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive
Connectivity Establishment (ICE): A Protocol for Network Connectivity Establishment (ICE): A Protocol for Network
Address Translator (NAT) Traversal", draft-ietf-ice- Address Translator (NAT) Traversal", draft-ietf-ice-
rfc5245bis-20 (work in progress), March 2018. rfc5245bis-20 (work in progress), March 2018.
[I-D.ietf-mmusic-trickle-ice-sip] [I-D.ietf-mmusic-trickle-ice-sip]
Ivov, E., Stach, T., Marocco, E., and C. Holmberg, "A Ivov, E., Stach, T., Marocco, E., and C. Holmberg, "A
Session Initiation Protocol (SIP) Usage for Trickle ICE", Session Initiation Protocol (SIP) Usage for Incremental
draft-ietf-mmusic-trickle-ice-sip-14 (work in progress), Provisioning of Candidates for the Interactive
February 2018. Connectivity Establishment (Trickle ICE)", draft-ietf-
mmusic-trickle-ice-sip-18 (work in progress), June 2018.
[I-D.johnston-dispatch-osrtp] [I-D.johnston-dispatch-osrtp]
Johnston, A., Ph.D., D., Hutton, A., Liess, L., and T. Johnston, A., Ph.D., D., Hutton, A., Liess, L., and T.
Stach, "An Opportunistic Approach for Secure Real-time Stach, "An Opportunistic Approach for Secure Real-time
Transport Protocol (OSRTP)", draft-johnston-dispatch- Transport Protocol (OSRTP)", draft-johnston-dispatch-
osrtp-02 (work in progress), February 2016. osrtp-02 (work in progress), February 2016.
[I-D.kaplan-mmusic-best-effort-srtp] [I-D.kaplan-mmusic-best-effort-srtp]
Audet, F. and H. Kaplan, "Session Description Protocol Audet, F. and H. Kaplan, "Session Description Protocol
(SDP) Offer/Answer Negotiation For Best-Effort Secure (SDP) Offer/Answer Negotiation For Best-Effort Secure
Real-Time Transport Protocol", draft-kaplan-mmusic-best- Real-Time Transport Protocol", draft-kaplan-mmusic-best-
effort-srtp-01 (work in progress), October 2006. effort-srtp-01 (work in progress), October 2006.
Authors' Addresses Authors' Addresses
Jon Peterson Jon Peterson
Neustar, Inc. Neustar, Inc.
Email: jon.peterson@team.neustar Email: jon.peterson@team.neustar
Eric Rescorla
Mozilla
Email: ekr@rtfm.com
Richard Barnes Richard Barnes
Cisco Mozilla
Email: rlb@ipv.sx Email: rlb@ipv.sx
Russ Housley Russ Housley
Vigil Security, LLC Vigil Security, LLC
Email: housley@vigilsec.com Email: housley@vigilsec.com
 End of changes. 8 change blocks. 
18 lines changed or deleted 13 lines changed or added
