draft-ietf-perc-srtp-ekt-diet-00.txt   draft-ietf-perc-srtp-ekt-diet-01.txt 
PERC Working Group J. Mattsson, Ed. PERC Working Group J. Mattsson, Ed.
Internet-Draft Ericsson Internet-Draft Ericsson
Intended status: Standards Track D. McGrew Intended status: Standards Track D. McGrew
Expires: November 10, 2016 D. Wing Expires: January 9, 2017 D. Wing
F. Andreasen F. Andreasen
C. Jennings C. Jennings
Cisco Cisco
May 9, 2016 July 8, 2016
Encrypted Key Transport for Secure RTP Encrypted Key Transport for Secure RTP
draft-ietf-perc-srtp-ekt-diet-00 draft-ietf-perc-srtp-ekt-diet-01
Abstract Abstract
Encrypted Key Transport (EKT) is an extension to Secure Real-time Encrypted Key Transport (EKT) is an extension to Secure Real-time
Transport Protocol (SRTP) that provides for the secure transport of Transport Protocol (SRTP) that provides for the secure transport of
SRTP master keys, Rollover Counters, and other information within SRTP master keys, Rollover Counters, and other information within
SRTP. This facility enables SRTP to work for decentralized SRTP. This facility enables SRTP to work for decentralized
conferences with minimal control by allowing a common key to be used conferences with minimal control by allowing a common key to be used
across multiple endpoints. across multiple endpoints.
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 10, 2016. This Internet-Draft will expire on January 9, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 6, line 8 skipping to change at page 6, line 8
Time to Live (TTL): The maximum amount of time that this key can be Time to Live (TTL): The maximum amount of time that this key can be
used. A unsigned 16 bit integer representing duration in seconds. used. A unsigned 16 bit integer representing duration in seconds.
The SRTP Master key in this message MUST NOT be used for The SRTP Master key in this message MUST NOT be used for
encrypting or decrypting information after this time. Open Issue: encrypting or decrypting information after this time. Open Issue:
does this need to be absolute time not duration? TODO: discuss in does this need to be absolute time not duration? TODO: discuss in
security section. security section.
Security Parameter Index (SPI): This field indicates the appropriate Security Parameter Index (SPI): This field indicates the appropriate
EKT Key and other parameters for the receiver to use when EKT Key and other parameters for the receiver to use when
processing the packet. Each time a different EKT Key is received, processing the packet. Each time a different EKT Key is received,
it will have a larger SPI than the previos key. The length of it will have a larger SPI than the previous key (after taking
this field is 16 bits. The parameters identified by this field rollover into account). The length of this field is 16 bits. The
are: parameters identified by this field are:
* The EKT cipher used to process the packet. * The EKT cipher used to process the packet.
* The EKT Key used to process the packet. * The EKT Key used to process the packet.
* The SRTP Master Salt associated with any Master Key encrypted * The SRTP Master Salt associated with any Master Key encrypted
with this EKT Key. with this EKT Key.
Together, these data elements are called an EKT parameter set. Together, these data elements are called an EKT parameter set.
Within each SRTP session, each distinct EKT parameter set that may Within each SRTP session, each distinct EKT parameter set that may
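Review bot: the new parenthetical "(after taking rollover into account)" in the SPI definition introduces a rollover rule for a 16-bit field without saying how a receiver compares two SPIs across the wrap; suggest stating the comparison explicitly (for example, serial number arithmetic as in RFC 1982, treating an SPI as newer when it lies in the half-space ahead of the current one) so that every receiver rejects a packet carrying an older EKT Key in the same way. The sentence "Each time a different EKT Key is received, it will have a larger SPI than the previous key" describes sender behaviour from the receiver's side; it reads better as a requirement on the sender, e.g. "A sender MUST use a larger SPI (modulo rollover) each time it distributes a new EKT Key." The same hunk also leaves the TTL text with "A unsigned 16 bit integer" (should be "An unsigned") and two inline notes ("Open Issue: does this need to be absolute time not duration?", "TODO: discuss in security section") that need resolving before the draft progresses; if the duration form is kept, the text should say that the receiver measures it from the arrival of the EKT message that carried the key.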
skipping to change at page 6, line 35 skipping to change at page 6, line 35
a length as the second from last elements. This is the length in a length as the second from last elements. This is the length in
octets of the full EKT message including this length field and the octets of the full EKT message including this length field and the
following message type. following message type.
Message Type The last byte is used to indicate the type of the Message Type The last byte is used to indicate the type of the
Field. This MUST be 2 in the Full EKT Field format and 0 in Short Field. This MUST be 2 in the Full EKT Field format and 0 in Short
EKT Field. Future specifications that define new types SHOULD use EKT Field. Future specifications that define new types SHOULD use
even values until all the even code points are consumed to avoid even values until all the even code points are consumed to avoid
conflicts with pre standards version of EKT that have been conflicts with pre standards version of EKT that have been
deployed. Values less than 64 are mandatory to understand the deployed. Values less than 64 are mandatory to understand the
whole EKT field SHOULD be discarded if it contains value message whole EKT field SHOULD be discarded if it contains message type
type that is less than 64 and not implemented. value that is less than 64 and not implemented.
TODO - add IANA registry for Message Type. TODO - add IANA registry for Message Type.
2.2. Packet Processing and State Machine 2.2. Packet Processing and State Machine
At any given time, each SRTP/SRTCP source (SSRC) has associated with At any given time, each SRTP/SRTCP source (SSRC) has associated with
it a single EKT parameter set. This parameter set is used to process it a single EKT parameter set. This parameter set is used to process
all outbound packets, and is called the outbound parameter set for all outbound packets, and is called the outbound parameter set for
that SSRC. There may be other EKT parameter sets that are used by that SSRC. There may be other EKT parameter sets that are used by
other SRTP/SRTCP sources in the same session, including other SRTP/ other SRTP/SRTCP sources in the same session, including other SRTP/
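Review bot: the reworded sentence at the end of the Message Type definition is still ungrammatical: "Values less than 64 are mandatory to understand the whole EKT field SHOULD be discarded if it contains message type value that is less than 64 and not implemented" runs two requirements together without a conjunction; suggest "Values less than 64 are mandatory to understand; the whole EKT field SHOULD be discarded if it contains a message type value that is less than 64 and is not implemented." Given that "mandatory to understand" is the intent, consider whether the discard should be MUST rather than SHOULD, since otherwise an implementation may go on to process a field whose type it does not understand. The line "TODO - add IANA registry for Message Type" is unchanged in this revision; the even/odd code point allocation rule in the same paragraph is exactly the policy that registry should record, so the two should land together.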
 End of changes. 6 change blocks. 
9 lines changed or deleted 9 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/