draft-ietf-avt-srtp-not-mandatory-07.txt   rfc7202.txt 
Network Working Group C. Perkins Internet Engineering Task Force (IETF) C. Perkins
Internet-Draft University of Glasgow Request for Comments: 7202 University of Glasgow
Intended status: Informational M. Westerlund Category: Informational M. Westerlund
Expires: January 2, 2011 Ericsson ISSN: 2070-1721 Ericsson
July 1, 2010 April 2014
Why RTP Does Not Mandate a Single Security Mechanism Securing the RTP Framework:
draft-ietf-avt-srtp-not-mandatory-07.txt Why RTP Does Not Mandate a Single Media Security Solution
Abstract Abstract
This memo discusses the problem of securing real-time multimedia This memo discusses the problem of securing real-time multimedia
sessions, and explains why the Real-time Transport Protocol (RTP), sessions. It also explains why the Real-time Transport Protocol
and the associated RTP control protocol (RTCP), do not mandate a (RTP) and the associated RTP Control Protocol (RTCP) do not mandate a
single media security mechanism. single media security mechanism. This is relevant for designers and
reviewers of future RTP extensions to ensure that appropriate
Status of this Memo security mechanisms are mandated and that any such mechanisms are
specified in a manner that conforms with the RTP architecture.
This Internet-Draft is submitted in full conformance with the Status of This Memo
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering This document is not an Internet Standards Track specification; it is
Task Force (IETF). Note that other groups may also distribute published for informational purposes.
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 5741.
This Internet-Draft will expire on January 2, 2011. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7202.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. RTP Applications and Deployment Scenarios . . . . . . . . . . 3 2. RTP Applications and Deployment Scenarios . . . . . . . . . . 3
3. Implications for RTP Security . . . . . . . . . . . . . . . . 4 3. RTP Media Security . . . . . . . . . . . . . . . . . . . . . 4
4. Implications for Key Management . . . . . . . . . . . . . . . 5 4. RTP Session Establishment and Key Management . . . . . . . . 5
5. On the Requirement for Strong Security in IETF protocols . . . 6 5. On the Requirement for Strong Security in Framework Protocols 5
6. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 7 6. Securing the RTP Framework . . . . . . . . . . . . . . . . . 6
7. Security Considerations . . . . . . . . . . . . . . . . . . . 7 7. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 8
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8
10. Informative References . . . . . . . . . . . . . . . . . . . . 8 10. Informative References . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
The Real-time Transport Protocol (RTP) [RFC3550] is widely used for The Real-time Transport Protocol (RTP) [RFC3550] is widely used for
voice over IP, Internet television, video conferencing, and various voice over IP, Internet television, video conferencing, and other
other real-time and streaming media applications. Despite this, the real-time and streaming media applications. Despite this use, the
base RTP specification provides very limited options for media basic RTP specification provides only limited options for media
security, and defines no standard key exchange mechanism. Rather, a security and defines no standard key exchange mechanism. Rather, a
number of extensions are defined to provide confidentiality and number of extensions are defined that can provide confidentiality and
authentication of RTP media streams and RTCP control messages, and to authentication of RTP media streams and RTP Control Protocol (RTCP)
exchange security keys. This memo outlines why it is appropriate messages. Other mechanisms define key exchange protocols. This memo
that multiple extension mechanisms are defined, rather than mandating outlines why it is appropriate that multiple extension mechanisms are
a single security and keying mechanism. defined rather than mandating a single security and keying mechanism
for all users of RTP.
This memo provides information for the community; it does not specify The IETF policy "Strong Security Requirements for Internet
a standard of any kind. Engineering Task Force Standard Protocols" [RFC3365] (the so-called
"Danvers Doctrine") states that "we MUST implement strong security in
all protocols to provide for the all too frequent day when the
protocol comes into widespread use in the global Internet". The
security mechanisms defined for use with RTP allow these requirements
to be met. However, since RTP is a protocol framework that is
suitable for a wide variety of use cases, there is no single security
mechanism that is suitable for every scenario. This memo outlines
why this is the case and discusses how users of RTP can meet the
requirement for strong security.
The structure of this memo is as follows. Section 2 describes the This document provides high-level guidance on how to handle security
scenarios in which RTP is deployed. Following this, Section 3 issues for the various types of components within the RTP framework
outlines the implications of this range of scenarios for media as well as the role of the service or application using RTP to ensure
confidentially and authentication, and Section 4 outlines the strong security is implemented. This document does not provide the
implications for key exchange. Section 5 outlines how the RTP guidance that an individual implementer, or even specifier of an RTP
framework meets the requirement of BCP 61. Section 6 then concludes application, really can use to determine what security mechanism they
and gives some recommendations. need to use; that is not intended with this document.
A non-exhaustive list of the RTP security options available at the
time of this writing is outlined in [RFC7201]. This document gives
an overview of the available RTP solutions and provides guidance on
their applicability for different application domains. It also
attempts to provide an indication of actual and intended usage at the
time of writing as additional input to help with considerations such
as interoperability, availability of implementations, etc.
2. RTP Applications and Deployment Scenarios 2. RTP Applications and Deployment Scenarios
The range of application and deployment scenarios where RTP has been The range of application and deployment scenarios where RTP has been
used includes, but is not limited to, the following: used includes, but is not limited to, the following:
o Point-to-point voice telephony (fixed and wireless networks) o Point-to-point voice telephony;
o Point-to-point video conferencing o Point-to-point video conferencing and telepresence;
o Centralised group video conferencing with a multipoint conference o Centralized group video conferencing and telepresence, using a
unit (MCU) Multipoint Conference Unit (MCU) or similar central middlebox;
o Any Source Multicast video conferencing (light-weight sessions; o Any Source Multicast (ASM) video conferencing using the
Mbone conferencing) lightweight sessions model (e.g., the Mbone conferencing tools);
o Point-to-point streaming audio and/or video o Point-to-point streaming audio and/or video (e.g., on-demand TV or
movie streaming);
o Source-specific multicast (SSM) streaming to large group (IPTV and o Source-Specific Multicast (SSM) streaming to large receiver groups
3GPP Multimedia Broadcast Multicast Service (MBMS) [MBMS]) (e.g., IPTV streaming by residential ISPs or the Third Generation
Partnership Project (3GPP) Multimedia/Broadcast Multicast Service
[T3GPP.26.346]);
o Replicated unicast streaming to a group o Replicated unicast streaming to a group of receivers;
o Interconnecting components in music production studios and video o Interconnecting components in music production studios and video
editing suites editing suites;
o Interconnecting components of distributed simulation systems o Interconnecting components of distributed simulation systems; and
o Streaming real-time sensor data o Streaming real-time sensor data (e.g., electronic Very Long
Baseline Interferometry (e-VLBI) radio astronomy).
As can be seen, these scenarios vary from point-to-point to very As can be seen, these scenarios vary from point-to-point sessions to
large multicast groups, from interactive to non-interactive, and from very large multicast groups, from interactive to non-interactive, and
low bandwidth (kilobits per second) to very high bandwidth (multiple from low bandwidth (kilobits per second) telephony to high bandwidth
gigabits per second). While most of these applications run over UDP (multiple gigabits per second) video and data streaming. While most
[RFC0768], some use TCP [RFC0793], [RFC4614] or DCCP [RFC4340] as of these applications run over UDP [RFC0768], some use TCP [RFC0793]
their underlying transport. Some run on highly reliable optical [RFC4614] or the Datagram Congestion Control Protocol (DCCP)
networks, others use low rate unreliable wireless networks. Some [RFC4340] as their underlying transport. Some run on highly reliable
applications of RTP operate entirely within a single trust domain, optical networks, while others use low-rate unreliable wireless
others are inter-domain, with untrusted (and potentially unknown) networks. Some applications of RTP operate entirely within a single
users. The range of scenarios is wide, and growing both in number trust domain, while others run interdomain with untrusted (and, in
and in heterogeneity. some cases, potentially unknown) users. The range of scenarios is
wide and growing both in number and in heterogeneity.
3. Implications for RTP Security 3. RTP Media Security
The wide range of application scenarios where RTP is used has led to The wide range of application scenarios where RTP is used has led to
the development of multiple solutions for securing RTP media streams the development of multiple solutions for securing RTP media streams
and RTCP control messages, considering different requirements. and RTCP control messages, considering different requirements.
Perhaps the most widely applicable of these solutions is the Secure
RTP (SRTP) framework [RFC3711]. This is an application-level media
security solution, encrypting the media payload data (but not the RTP
headers) to provide some degree of confidentiality, and providing
optional source origin authentication. It was carefully designed to
be both low overhead, and to support the group communication features
of RTP, across a range of networks.
SRTP is not the only media security solution in use, however, and Perhaps the most widely applicable of these security options is the
alternatives are more appropriate for some scenarios. For example, Secure RTP (SRTP) framework [RFC3711]. This is an application-level
many client-server streaming media applications can run over a single media security solution, encrypting the media payload data (but not
TCP connection, multiplexing media data with control information on the RTP headers) to provide confidentiality and supporting source
that connection (RTSP [I-D.ietf-mmusic-rfc2326bis] is a widely used origin authentication as an option. SRTP was carefully designed to
example of such a protocol). The natural way to provide media be low overhead, including operating on links subject to RTP header
security for such client-server media applications is to use TLS compression, and to support the group communication and third-party
[RFC5246] to protect the TCP connection, sending the RTP media data performance monitoring features of RTP across a range of networks.
over the TLS connection. Using the SRTP framework in addition to TLS
is unnecessary, and would result in double encryption of the media,
and SRTP cannot be used instead of TLS since it is RTP-specific, and
so cannot protect the control traffic.
Other RTP use cases work over networks which provide security at the
network layer, using IPsec. For example, certain 3GPP networks need
IPsec security associations for other purposes, and can reuse those
to secure the RTP session [3GPP.33.210]. SRTP is, again, unnecessary
in such environments, and its use would only introduce overhead for
no gain.
For some applications it is sufficient to protect the RTP payload
data while leaving RTP, transport, and network layer headers
unprotected. An example of this is RTP broadcast over DVB-H
[ETSI.TS.102.474], where one mode of operation uses ISMAcryp
(http://www.isma.tv/specs/ISMA_E&Aspec2.0.pdf) to encrypt the RTP
payload data only.
Finally, the link layer may be secure, and it may be known that the
RTP media data is constrained to that single link (for example, when
operating in a studio environment, with physical link security). An
environment like this is inherently constrained, but might avoid the
need for application, transport, or network layer media security.
All these are application scenarios where RTP has seen commercial
deployment. Other use case also exist, with additional requirements.
There is no media security protocol that is appropriate for all these
environments. Accordingly, multiple RTP media security protocols can
be expected to remain in wide use.
4. Implications for Key Management
With such a diverse range of use cases come a range of different SRTP is not the only media security solution for RTP, however, and
protocols for RTP session establishment. Mechanisms used to provide alternatives can be more appropriate in some scenarios, perhaps due
security keying for these different session establishment protocols to ease of integration with other parts of the complete system. In
can basically be put into two categories: inband and out-of-band in addition, SRTP does not address all possible security requirements,
relation to the session establishment mechanism. The requirements and other solutions are needed in cases where SRTP is not suitable.
for these solutions are highly varying. Thus a wide range of For example, ISMACryp payload-level confidentiality [ISMACryp2] is
solutions have been developed in this space: appropriate for some types of streaming video application, but is not
suitable for voice telephony, and uses features that are not provided
by SRTP.
o A common use case for RTP is probably point-to-point voice calls The range of available RTP security options, and their applicability
or centralised group conferences, negotiated using SIP [RFC3261] to different scenarios, is outlined in [RFC7201]. At the time of
with the SDP offer/answer model [RFC3264], operating on a trusted this writing, there is no media security protocol that is appropriate
infrastructure. In such environments, SDP security descriptions for all the environments where RTP is used. Multiple RTP media
[RFC4568] or the MIKEY [RFC4567] protocol are appropriate keying security protocols are expected to remain in wide use for the
mechanisms, piggybacked onto the SDP [RFC4566] exchange. The foreseeable future.
infrastructure may be secured by protecting the SIP exchange using
TLS or S/MIME, for example [RFC3261]. Protocols such as DTLS
[RFC5764] or ZRTP [I-D.zimmermann-avt-zrtp] are also appropriate
in such environments.
o Point-to-point RTP sessions may be negotiated using SIP with the 4. RTP Session Establishment and Key Management
offer/answer model, but operating over a network with untrusted
infrastructure. In such environments, the key management protocol
is run on the media path, bypassing the untrusted infrastructure.
Protocols such as DTLS [RFC5764] or ZRTP [I-D.zimmermann-avt-zrtp]
are useful here.
o For point-to-point client-server streaming of RTP over RTSP, a TLS A range of different protocols for RTP session establishment and key
association is appropriate to manage keying material, in much the exchange exist, matching the diverse range of use cases for the RTP
same manner as would be used to secure an HTTP session. framework. These mechanisms can be split into two categories: those
that operate in band on the media path and those that are out of band
and operate as part of the session establishment signaling channel.
The requirements for these two classes of solutions are different,
and a wide range of solutions have been developed in this space.
o A session description may be sent by email, secured using S/MIME A more-detailed survey of requirements for media security management
or PGP, or retrieved from a web page, using HTTP with TLS. protocols can be found in [RFC5479]. As can be seen from that memo,
the range of use cases is wide, and there is no single key management
protocol that is appropriate for all scenarios. The solutions have
been further diversified by the existence of infrastructure elements,
such as authentication systems, that are tied to the key management.
The most important and widely used keying options for RTP sessions at
the time of this writing are described in [RFC7201].
o A session description may be distributed to a multicast group 5. On the Requirement for Strong Security in Framework Protocols
using SAP or FLUTE secured with S/MIME.
o A session description may be distributed using the Open Mobile The IETF requires that all protocols provide a strong, mandatory-to-
Alliance DRM key management specification [OMA-DRM] when using a implement security solution [RFC3365]. This is essential for the
point-to-point streaming session setup with RTSP in the 3GPP PSS overall security of the Internet to ensure that all implementations
environment [PSS]. of a protocol can interoperate in a secure way. Framework protocols
offer a challenge for this mandate, however, since they are designed
to be used by different classes of applications in a wide range of
different environments. The different use cases for the framework
have different security requirements, and implementations designed
for different environments are generally not expected to interwork.
o In the 3GPP Multimedia Broadcast Multicast Service (MBMS) system, RTP is an example of a framework protocol with wide applicability.
HTTP and MIKEY are used for key management [MBMS-SEC]. The wide range of scenarios described in Section 2 show the issues
that arise in mandating a single security mechanism for this type of
framework. It would be desirable if a single media security
solution, and a single key management solution, could be developed
that is suitable for applications across this range of use scenarios.
The authors are not aware of any such solution, however, and believe
it is unlikely that any such solution will be developed. In part,
this is because applications in the different domains are not
intended to interwork, so there is no incentive to develop a single
mechanism. More importantly, though, the security requirements for
the different usage scenarios vary widely, and an appropriate
security mechanism in one scenario simply does not work for some
other scenarios.
A more detailed survey of requirements for media security management For a framework protocol, it appears that the only sensible solution
protocols can be found in [RFC5479]. As can be seen, the range of to the strong security requirement of [RFC3365] is to develop and use
use cases is wide, and there is no single protocol that is building blocks for the basic security services of confidentiality,
appropriate for all scenarios. These solutions have been further integrity protection, authorization, authentication, and so on. When
diversified by the existence of infrastructure elements such as new uses for the framework protocol arise, they need to be studied to
authentication solutions that are tied into the key manangement. determine if the existing security building blocks can satisfy the
requirements, or if new building blocks need to be developed.
5. On the Requirement for Strong Security in IETF protocols Therefore, when considering the strong and mandatory-to-implement
security mechanism for a specific class of applications, one has to
consider what security building blocks need to be integrated, or if
any new mechanisms need to be defined to address specific issues
relating to this new class of application. To maximize
interoperability, it is important that common media security and key
management mechanisms are defined for classes of application with
similar requirements. The IETF needs to participate in this
selection of security building blocks for each class of applications
that use the protocol framework and are expected to interoperate, in
cases where the IETF has the appropriate knowledge of the class of
applications.
BCP 61 [RFC3365] puts a requirement on IETF protocols to provide 6. Securing the RTP Framework
strong, mandatory to implement, security solutions. This is actually
quite a difficult requirement for any type of framework protocol,
like RTP, since one can never know all the deployment scenarios, and
if they are covered by the security solution. It would clearly be
desirable if a single media security solution and a single key
management solution could be developed, satisfying the range of use
cases for RTP. The authors are not aware of any such solution,
however, and it is not clear that any single solution can be
developed.
For a framework protocol it appears that the only sensible solution The IETF requires that protocols specify mandatory-to-implement (MTI)
to the requirement of BCP 61 is to develop or use security building strong security [RFC3365]. This applies to the specification of each
blocks, like SRTP, SDP security descriptions [RFC4568], MIKEY, DTLS, interoperable class of application that makes use of RTP. However,
or IPsec, to provide the basic security services of authorization, RTP is a framework protocol, so the arguments made in Section 5 also
data integrity protection and date confidentiality protection. When apply. Given the variability of the classes of application that use
new usages of the RTP framework arise, one needs to analyze the RTP, and the variety of the currently available security mechanisms
situation, to determine if the existing building blocks satisfy the described in [RFC7201], no one set of MTI security options can
requirements. If not, it is necessary to develop new security realistically be specified that apply to all classes of RTP
building blocks. applications.
When it comes to fulfilling the "MUST Implement" strong security for Documents that define an interoperable class of applications using
a specific application, it will fall on that application to actually RTP are subject to [RFC3365], and thus need to specify MTI security
consider what building blocks it is required to support. To maximize mechanisms. This is because such specifications do fully specify
interoperability it is desirable if certain applications, or classes interoperable applications that use RTP. Examples of such documents
of application with similar requirements, agree on what data security under development in the IETF at the time of this writing are "WebRTC
mechanisms and key-management should be used. If such agreement is Security Architecture" [WebRTC-SEC] and "Real Time Streaming Protocol
not possible, there will be increased cost, either in the lack of 2.0 (RTSP)" [RTSP]. It is also expected that a similar document will
interoperability, or in the need to implement more solutions. be produced for voice-over-IP applications using SIP and RTP.
Unfortunately this situation, if not handled reasonably well, can
result in a failure to satisfy the requirement of providing the users
with an option of turning on strong security when desired.
6. Conclusions The RTP framework includes several extension points. Some extensions
can significantly change the behavior of the protocol to the extent
that applications using the extension form a separate interoperable
class of applications to those that have not been extended. Other
extension points are defined in such a manner that they can be used
(largely) independently of the class of applications using RTP. Two
important extension points that are independent of the class of
applications are RTP payload formats and RTP profiles.
As discussed earlier it appears that a single solution can't be An RTP payload format defines how the output of a media codec can be
designed to meet the diverse requirements. In the absence of such a used with RTP. At the time of this writing, there are over 70 RTP
solution, it is hoped that this memo explains why SRTP is not payload formats defined in published RFCs, with more in development.
mandatory as the media security solution for RTP-based systems, and It is appropriate for an RTP payload format to discuss the specific
why we can expect multiple key management solutions for systems using security implications of using that media codec with RTP. However,
RTP. an RTP payload format does not specify an interoperable class of
applications that use RTP since, in the vast majority of cases, a
media codec and its associated RTP payload format can be used with
many different classes of application. As such, an RTP payload
format is neither secure in itself nor something to which [RFC3365]
applies. Future RTP payload format specifications need to explicitly
state this and include a reference to this memo for explanation. It
is not appropriate for an RTP payload format to mandate the use of
SRTP [RFC3711], or any other security building blocks, since that RTP
payload format might be used by different classes of application that
use RTP and that have different security requirements.
It is important for any RTP-based application to consider how it RTP profiles are larger extensions that adapt the RTP framework for
meets the security requirements. This will require some analysis to use with particular classes of application. In some cases, those
determine these requirements, followed by the selection of a classes of application might share common security requirements so
mandatory to implement solution, or in exceptional scenarios several that it could make sense for an RTP profile to mandate particular
solutions, including the desired RTP traffic protection and key- security options and building blocks (the RTP/SAVP profile [RFC3711]
management. SRTP is a preferred solution for the protection of the is an example of this type of RTP profile). In other cases, though,
RTP traffic in those use cases where it is applicable. It is out of an RTP profile is applicable to such a wide range of applications
scope for this memo to recommend a preferred key management solution. that it would not make sense for that profile to mandate particular
security building blocks be used (the RTP/AVPF profile [RFC4585] is
an example of this type of RTP profile, since it provides building
blocks that can be used in different styles of application). A new
RTP profile specification needs to discuss whether or not it makes
sense to mandate particular security building blocks that need to be
used with all implementations of that profile; however, there is no
expectation that all RTP profiles will mandate particular security
solutions. RTP profiles that do not specify an interoperable usage
for a particular class of RTP applications are neither secure in
themselves nor something to which [RFC3365] applies; any future RTP
profiles in this category need to explicitly state this with
justification and include a reference to this memo.
7. Security Considerations 7. Conclusions
This entire memo is about security. The RTP framework is used in a wide range of different scenarios with
no common security requirements. Accordingly, neither SRTP [RFC3711]
nor any other single media security solution or keying mechanism can
be mandated for all uses of RTP. In the absence of a single common
security solution, it is important to consider what mechanisms can be
used to provide strong and interoperable security for each different
scenario where RTP applications are used. This will require analysis
of each class of application to determine the security requirements
for the scenarios in which they are to be used, followed by the
selection of MTI security building blocks for that class of
application, including the desired RTP traffic protection and key
management. A non-exhaustive list of the RTP security options
available at the time of this writing is outlined in [RFC7201]. It
is expected that each class of application will be supported by a
memo describing what security options are mandatory to implement for
that usage scenario.
8. IANA Considerations 8. Security Considerations
No IANA actions are required. This entire memo is about mandatory-to-implement security.
9. Acknowledgements 9. Acknowledgements
Thanks to Ralph Blom, Hannes Tschofenig, Dan York, Alfred Hoenes, Thanks to Ralph Blom, Hannes Tschofenig, Dan York, Alfred Hoenes,
Martin Ellis, Ali Begen, and Keith Drage for their feedback. Martin Ellis, Ali Begen, Keith Drage, Ray van Brandenburg, Stephen
Farrell, Sean Turner, John Mattsson, and Benoit Claise for their
feedback.
10. Informative References 10. Informative References
[3GPP.33.210] [ISMACryp2] Internet Streaming Media Alliance (ISMA), "ISMA
3GPP, "IP network layer security", 3GPP TS 33.210. Encryption and Authentication Version 2.0", November
2007, <http://www.oipf.tv/images/site/DOCS/mpegif/ISMA/
[ETSI.TS.102.474] isma_easpec2.0.pdf>.
ETSI, "Digital Video Broadcasting (DVB); IP Datacast over
DVB-H: Service Purchase and Protection", ETSI TS 102 474,
November 2007.
[I-D.ietf-mmusic-rfc2326bis]
Schulzrinne, H., Rao, A., Lanphier, R., Westerlund, M.,
and M. Stiemerling, "Real Time Streaming Protocol 2.0
(RTSP)", draft-ietf-mmusic-rfc2326bis-23 (work in
progress), March 2010.
[I-D.zimmermann-avt-zrtp]
Zimmermann, P., Johnston, A., and J. Callas, "ZRTP: Media
Path Key Agreement for Unicast Secure RTP",
draft-zimmermann-avt-zrtp-22 (work in progress),
June 2010.
[MBMS] 3GPP, "Multimedia Broadcast/Multicast Service (MBMS);
Protocols and codecs TS 26.346".
[MBMS-SEC]
3GPP, "Security of Multimedia Broadcast/Multicast Service
(MBMS) TS 33.246".
[OMA-DRM] Open Mobile Alliance, "DRM Specification 2.0".
[PSS] 3GPP, "Transparent end-to-end Packet-switched Streaming
Service (PSS); Protocols and codecs TS 26.234".
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980.
[RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
RFC 793, September 1981.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261, [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
June 2002. August 1980.
[RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, RFC
with Session Description Protocol (SDP)", RFC 3264, 793, September 1981.
June 2002.
[RFC3365] Schiller, J., "Strong Security Requirements for Internet [RFC3365] Schiller, J., "Strong Security Requirements for Internet
Engineering Task Force Standard Protocols", BCP 61, Engineering Task Force Standard Protocols", BCP 61, RFC
RFC 3365, August 2002. 3365, August 2002.
[RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
Jacobson, "RTP: A Transport Protocol for Real-Time Jacobson, "RTP: A Transport Protocol for Real-Time
Applications", STD 64, RFC 3550, July 2003. Applications", STD 64, RFC 3550, July 2003.
[RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and
Norrman, "The Secure Real-time Transport Protocol (SRTP)", K. Norrman, "The Secure Real-time Transport Protocol
RFC 3711, March 2004. (SRTP)", RFC 3711, March 2004.
[RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram [RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram
Congestion Control Protocol (DCCP)", RFC 4340, March 2006. Congestion Control Protocol (DCCP)", RFC 4340, March
2006.
[RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session [RFC4585] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J.
Description Protocol", RFC 4566, July 2006. Rey, "Extended RTP Profile for Real-time Transport
Control Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC
4585, July 2006.
[RFC4567] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E. [RFC4614] Duke, M., Braden, R., Eddy, W., and E. Blanton, "A
Carrara, "Key Management Extensions for Session Roadmap for Transmission Control Protocol (TCP)
Description Protocol (SDP) and Real Time Streaming Specification Documents", RFC 4614, September 2006.
Protocol (RTSP)", RFC 4567, July 2006.
[RFC4568] Andreasen, F., Baugher, M., and D. Wing, "Session [RFC5479] Wing, D., Fries, S., Tschofenig, H., and F. Audet,
Description Protocol (SDP) Security Descriptions for Media "Requirements and Analysis of Media Security Management
Streams", RFC 4568, July 2006. Protocols", RFC 5479, April 2009.
[RFC4614] Duke, M., Braden, R., Eddy, W., and E. Blanton, "A Roadmap [RFC7201] Westerlund, M. and C. Perkins, "Options for Securing RTP
for Transmission Control Protocol (TCP) Specification Sessions", RFC 7201, April 2014.
Documents", RFC 4614, September 2006.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security [RTSP] Schulzrinne, H., Rao, A., Lanphier, R., Westerlund, M.,
(TLS) Protocol Version 1.2", RFC 5246, August 2008. and M. Stiemerling, "Real Time Streaming Protocol 2.0
(RTSP)", Work in Progress, February 2014.
[RFC5479] Wing, D., Fries, S., Tschofenig, H., and F. Audet, [T3GPP.26.346]
"Requirements and Analysis of Media Security Management 3GPP, "Multimedia Broadcast/Multicast Service (MBMS);
Protocols", RFC 5479, April 2009. Protocols and codecs", 3GPP TS 26.346 10.7.0, March
2013,
<http://www.3gpp.org/ftp/Specs/html-info/26346.htm>.
[RFC5764] McGrew, D. and E. Rescorla, "Datagram Transport Layer [WebRTC-SEC] Rescorla, E., "WebRTC Security Architecture", Work in
Security (DTLS) Extension to Establish Keys for the Secure Progress, February 2014.
Real-time Transport Protocol (SRTP)", RFC 5764, May 2010.
Authors' Addresses Authors' Addresses
Colin Perkins Colin Perkins
University of Glasgow University of Glasgow
Department of Computing Science School of Computing Science
Glasgow G12 8QQ Glasgow G12 8QQ
UK United Kingdom
Email: csp@csperkins.org EMail: csp@csperkins.org
URI: http://csperkins.org/
Magnus Westerlund Magnus Westerlund
Ericsson Ericsson
Farogatan 6 Farogatan 6
Kista SE-164 80 Kista SE-164 80
Sweden Sweden
Email: magnus.westerlund@ericsson.com EMail: magnus.westerlund@ericsson.com
 End of changes. 65 change blocks. 
297 lines changed or deleted 314 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/