rfcdiff: draft-ietf-sipbrandy-osrtp-02.txt (left column, "-02") against draft-ietf-sipbrandy-osrtp-03.txt (right column, "-03"). Unchanged text is shown once below; where the two revisions differ, the -02 and -03 wording are both given. The -03 revision also changes the IETF, RFC Editor and IETF Trust URLs from http:// to https://; only the -03 form is repeated below.

SIPBRANDY Working Group                                        A. Johnston
Internet-Draft                   Unaffiliated (-02) / Rowan University (-03)
Intended status: Informational                                    B. Aboba
Expires: November 9, 2017 (-02) / March 22, 2018 (-03)           Microsoft
                                                                 A. Hutton
                                                 Unify (-02) / Unify / Atos (-03)
                                                                 R. Jesske
                                                          Deutsche Telekom
                                                                  T. Stach
                                                              Unaffiliated
                                   May 8, 2017 (-02) / September 18, 2017 (-03)

   An Opportunistic Approach for Secure Real-time Transport Protocol (OSRTP)
          draft-ietf-sipbrandy-osrtp-02 / draft-ietf-sipbrandy-osrtp-03
Abstract

   -02:

   Opportunistic Secure Real-time Transport Protocol (OSRTP) allows
   encrypted media to be used in environments where support for
   encryption is not known in advance, and not required. OSRTP is an
   implementation of Opportunistic Security, as defined in RFC 7435.
   OSRTP does not require advanced SDP extensions or features and is
   fully backwards compatible with existing secure and insecure
   implementations. OSRTP is not specific to any key management
   technique for SRTP. OSRTP is a transitional approach useful for
   migrating existing deployments of real-time communications to a fully
   encrypted and authenticated state.

   -03:

   Opportunistic Secure Real-time Transport Protocol (OSRTP) is an
   implementation of the Opportunistic Security mechanism, as defined in
   RFC 7435, applied to Real-time Transport Protocol (RTP). OSRTP
   allows encrypted media to be used in environments where support for
   encryption is not known in advance, and not required. OSRTP does not
   require SDP extensions or features and is fully backwards compatible
   with existing implementations using encrypted and authenticated media
   and implementations that do not encrypt or authenticate media
   packets. OSRTP is not specific to any key management technique for
   SRTP. OSRTP is a transitional approach useful for migrating existing
   deployments of real-time communications to a fully encrypted and
   authenticated state.
Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 9, 2017 (-02) / March 22,
   2018 (-03).

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.
Table of Contents

   1. Introduction . . . . . . . . . . . . . . . . . . . . . . . .   2
   [skipping to change at page 2, line 41]
   7.2. Informative References . . . . . . . . . . . . . . . . .   7
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . .   7
1. Introduction

   Opportunistic Security [RFC7435] (OS) is an approach to security that
   defines a third mode for security between "cleartext" and
   "comprehensive protection" that allows encryption and authentication
   to be used if supported but will not result in failures if it is not
   supported. In terms of secure media, cleartext is RTP [RFC3550]
   media which is negotiated with the RTP/AVP (Audio Video Profile)
   profile defined [RFC3551]. Comprehensive protection is Secure RTP
   [RFC3711], negotiated with a secure profile, such as SAVP or SAVPF
   [RFC5124]. OSRTP allows SRTP to be negotiated with the RTP/AVP
   profile, with fallback to RTP if SRTP is not supported.

   (Change from -02: both occurrences of "AVP" in this paragraph read
   "RTP/AVP" in -03.)

   There have been some extensions to SDP to allow profiles to be
   negotiated such as SDP Capabilities Negotiation (capneg) [RFC5939].
   However, these approaches are complex and have very limited
   deployment in communication systems. Other key management protocols
   for SRTP have been developed which by design use OS, such as ZRTP
   [RFC6189]. This approach for OSRTP is based on
   [I-D.kaplan-mmusic-best-effort-srtp] where it was called "best effort
   SRTP". [I-D.kaplan-mmusic-best-effort-srtp] has a full discussion of
   [skipping to change at page 3, line 36]

2. Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in RFC
   2119 [RFC2119].
3. Definition of Opportunistic Security for SRTP

   To indicate support for OSRTP in an SDP offer, the offerer uses the
   RTP/AVP profile [RFC3551] but includes SRTP keying attributes. OSRTP
   is not specific to any key management technique for SRTP. For
   example:

      If the offerer supports DTLS-SRTP key agreement [RFC5763], then an
      a=fingerprint attribute will be present, or

      If the offerer supports SDP Security Descriptions key agreement
      [RFC4568], then an a=crypto attribute will be present, or

      If the offerer supports ZRTP key agreement [RFC6189], then an
      a=zrtp-hash attribute will be present.

   (Change from -02: "the AVP profile" reads "the RTP/AVP profile" in
   -03.)
   [skipping to change at page 4, line 12 (-02) / line 13 (-03)]

   NOT contain attributes from more than one keying method, even if the
   offer contained multiple keying method attributes. The selected SRTP
   key management approach is followed and SRTP media is used for this
   session. If the SRTP key management fails for any reason, the media
   session MUST fail. To decline OSRTP, the answerer generates an SDP
   answer omitting SRTP keying attributes, and the media session
   proceeds with RTP with no encryption or authentication used.

   If the offerer of OSRTP receives an SDP answer which does not contain
   SRTP keying attributes, then the media session proceeds with RTP. If
   the SDP answer contains the RTP/AVP profile with SRTP keying
   attributes or the SAVP (or UDP/TLS/RTP/SAVP(F)) profile with SRTP
   keying attributes, then that particular SRTP key management approach
   is followed and SRTP media is used for this session. If the SRTP key
   management fails, the media session MUST fail.

   (Change from -02: "the AVP (or RTP/AVP) profile" reads "the RTP/AVP
   profile" in -03.)

   It is important to note that OSRTP makes no changes, and has no
   effect on media sessions in which the offer contains a secure profile
   of RTP, such as SAVP or SAVPF. As discussed in [RFC7435], this is
   the "comprehensive protection" for media mode.
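As an added illustration that is not part of the draft, the following Python decides the outcome of an offer/answer pair under the Section 3 rules (answer carries exactly one offered keying method: SRTP; answer omits keying attributes: fall back to RTP; anything else, or a secure-profile offer answered without keying: the session MUST fail). The SDP fragments, attribute values and the `negotiate`/`parse_media` helpers are constructed for this example.

```python
# Added example: OSRTP offer/answer evaluation per the draft's Section 3.
# The SDP below is constructed; fingerprints and keys are placeholders.
import re

# SDP attribute -> keying method it signals (mapping taken from the draft).
KEYING_ATTRS = {
    "fingerprint": "dtls-srtp",  # a=fingerprint -> DTLS-SRTP [RFC5763]
    "crypto": "sdes",            # a=crypto      -> SDP Security Descriptions [RFC4568]
    "zrtp-hash": "zrtp",         # a=zrtp-hash   -> ZRTP [RFC6189]
}
# Secure RTP profiles: an offer using one of these is "comprehensive
# protection" and OSRTP's fallback rule does not apply to it.
SECURE_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}


def parse_media(sdp):
    """Return (profile, keying methods) for the first m= line and its a= lines."""
    m = re.search(r"^m=\S+ \d+ (\S+)", sdp, re.M)
    if not m:
        raise ValueError("no m= line in SDP fragment")
    attrs = re.findall(r"^a=([A-Za-z-]+)", sdp, re.M)
    methods = {KEYING_ATTRS[a] for a in attrs if a in KEYING_ATTRS}
    return m.group(1), methods


def negotiate(offer, answer):
    """Return ("srtp", method), ("rtp", None) or ("fail", reason)."""
    o_profile, o_methods = parse_media(offer)
    a_profile, a_methods = parse_media(answer)
    if o_profile in SECURE_PROFILES:
        # Secure profile offered: OSRTP changes nothing, SRTP is mandatory.
        if len(a_methods) == 1:
            return ("srtp", next(iter(a_methods)))
        return ("fail", "secure profile offered but answer has no usable SRTP keying")
    if not o_methods:
        return ("rtp", None)  # plain RTP offer: nothing opportunistic to do
    if not a_methods:
        return ("rtp", None)  # answerer declined OSRTP: media proceeds as RTP
    if len(a_methods) > 1:
        return ("fail", "answer MUST NOT carry attributes of more than one keying method")
    method = next(iter(a_methods))
    if method not in o_methods:
        return ("fail", "answer selected a keying method the offer did not include")
    return ("srtp", method)  # this method's key management is now followed


# Constructed OSRTP offer: RTP/AVP profile plus two keying methods.
OFFER = "\n".join([
    "m=audio 49170 RTP/AVP 0",
    "a=fingerprint:sha-256 AA:BB:CC:DD",  # placeholder, not a real fingerprint
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY",
])
ANSWER_ACCEPT = "m=audio 51000 RTP/AVP 0\na=fingerprint:sha-256 EE:FF:00:11"
ANSWER_DECLINE = "m=audio 51000 RTP/AVP 0"
ANSWER_TWO_METHODS = ANSWER_ACCEPT + "\na=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY"
ANSWER_UNOFFERED = "m=audio 51000 RTP/AVP 0\na=zrtp-hash:1.10 PLACEHOLDER_HASH"

if __name__ == "__main__":
    for name, ans in [("accept", ANSWER_ACCEPT), ("decline", ANSWER_DECLINE),
                      ("two methods", ANSWER_TWO_METHODS), ("unoffered", ANSWER_UNOFFERED)]:
        print(f"{name:12s} -> {negotiate(OFFER, ans)}")
```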
   [skipping to change at page 4, line 38 (-02) / line 39 (-03)]

   particular SRTP key agreement approach are relaxed when that key
   agreement is used with OSRTP. For example:

      For DTLS-SRTP key agreement [RFC5763], an authenticated signaling
      channel does not need to be used with OSRTP if it is not
      available.

      For SDP Security Descriptions key agreement [RFC4568], an
      authenticated signaling channel does not need to be used with
      OSRTP if it is not available, although an encrypted signaling
      channel must still be used. The use of SDP Security Descriptions
      using the RTP/AVP profile is defined in
      [I-D.mmusic-opportunistic-negotiation].

      For ZRTP key agreement [RFC6189], the security considerations are
      unchanged, since ZRTP does not rely on the security of the
      signaling channel.

   (Change from -02: the sentence "The use of SDP Security Descriptions
   using the RTP/AVP profile is defined in
   [I-D.mmusic-opportunistic-negotiation]." is new in -03.)

   As discussed in [RFC7435], OSRTP is used in cases where support for
   encryption by the other party is not known in advance, and not
   required. For cases where it is known that the other party supports
   SRTP or SRTP needs to be used, OSRTP MUST NOT be used. Instead, a
   secure profile of RTP is used in the offer.
   [skipping to change at page 6, line 5]

   who is greatly missed in our community. His work on improving
   security in SIP and RTP provided the foundation for this work.

   Thanks to Eric Rescorla, Martin Thomson, and Richard Barnes for their
   comments.
7. References

7.1. Normative References

   [I-D.mmusic-opportunistic-negotiation]  (added in -03)
              Hutton, A., Jesske, R., Johnston, A., Salgueiro, G., and
              B. Aboba, "Negotiating SRTP and RTCP Feedback using the
              RTP/AVP Profile", draft-mmusic-opportunistic-
              negotiation-00 (work in progress), June 2017.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC3264]  Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model
              with Session Description Protocol (SDP)", RFC 3264,
              DOI 10.17487/RFC3264, June 2002,
              <https://www.rfc-editor.org/info/rfc3264>.

   [RFC3550]  Schulzrinne, H., Casner, S., Frederick, R., and V.
              Jacobson, "RTP: A Transport Protocol for Real-Time
              Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550,
              July 2003, <https://www.rfc-editor.org/info/rfc3550>.

   [RFC3551]  Schulzrinne, H. and S. Casner, "RTP Profile for Audio and
              Video Conferences with Minimal Control", STD 65, RFC 3551,
              DOI 10.17487/RFC3551, July 2003,
              <https://www.rfc-editor.org/info/rfc3551>.

   [RFC3711]  Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
              Norrman, "The Secure Real-time Transport Protocol (SRTP)",
              RFC 3711, DOI 10.17487/RFC3711, March 2004,
              <https://www.rfc-editor.org/info/rfc3711>.

   [RFC4568]  Andreasen, F., Baugher, M., and D. Wing, "Session
              Description Protocol (SDP) Security Descriptions for Media
              Streams", RFC 4568, DOI 10.17487/RFC4568, July 2006,
              <https://www.rfc-editor.org/info/rfc4568>.

   [RFC5124]  Ott, J. and E. Carrara, "Extended Secure RTP Profile for
              Real-time Transport Control Protocol (RTCP)-Based Feedback
              (RTP/SAVPF)", RFC 5124, DOI 10.17487/RFC5124, February
              2008, <https://www.rfc-editor.org/info/rfc5124>.

   [RFC5763]  Fischl, J., Tschofenig, H., and E. Rescorla, "Framework
              for Establishing a Secure Real-time Transport Protocol
              (SRTP) Security Context Using Datagram Transport Layer
              Security (DTLS)", RFC 5763, DOI 10.17487/RFC5763, May
              2010, <https://www.rfc-editor.org/info/rfc5763>.

   [RFC6189]  Zimmermann, P., Johnston, A., Ed., and J. Callas, "ZRTP:
              Media Path Key Agreement for Unicast Secure RTP",
              RFC 6189, DOI 10.17487/RFC6189, April 2011,
              <https://www.rfc-editor.org/info/rfc6189>.

   [RFC7435]  Dukhovni, V., "Opportunistic Security: Some Protection
              Most of the Time", RFC 7435, DOI 10.17487/RFC7435,
              December 2014, <https://www.rfc-editor.org/info/rfc7435>.

7.2. Informative References

   [I-D.kaplan-mmusic-best-effort-srtp]
              Audet, F. and H. Kaplan, "Session Description Protocol
              (SDP) Offer/Answer Negotiation For Best-Effort Secure
              Real-Time Transport Protocol", draft-kaplan-mmusic-best-
              effort-srtp-01 (work in progress), October 2006.

   [IMTC-SIP] "Best Practices for SIP Security", IMTC SIP Parity
              Group http://www.imtc.org/uc/sip-parity-activity-group/,
              2011, <http://www.imtc.org>.

   [RFC5939]  Andreasen, F., "Session Description Protocol (SDP)
              Capability Negotiation", RFC 5939, DOI 10.17487/RFC5939,
              September 2010, <https://www.rfc-editor.org/info/rfc5939>.

   [RFC6982]  Sheffer, Y. and A. Farrel, "Improving Awareness of Running
              Code: The Implementation Status Section", RFC 6982,
              DOI 10.17487/RFC6982, July 2013,
              <https://www.rfc-editor.org/info/rfc6982>.

   [SIPCONNECT]
              "SIP-PBX / Service Provider Interoperability SIPconnect
              2.0 - Technical Recommendation", SIP Forum http://www.sipf
              orum.org/component/option,com_docman/task,doc_download/
              gid,838/Itemid,261/, 2017, <http://www.sipforum.org>.
Authors' Addresses

   Alan Johnston
   -02: Unaffiliated, Bellevue, WA, USA
   -03: Rowan University, Glassboro, NJ, USA

   Email: alan.b.johnston@gmail.com

   Bernard Aboba
   Microsoft
   One Microsoft Way
   Redmond, WA 98052
   USA

   Email: bernard.aboba@gmail.com

   Andy Hutton (-02) / Andrew Hutton (-03)
   -02: Unify, Technology Drive, Nottingham NG9 1LA, UK
   -03: Unify / Atos, 4 Triton Square, London NW1 3HG, UK

   Email: andrew.hutton@unify.com (-02) / andrew.hutton@atos.net (-03)

   Roland Jesske
   Deutsche Telekom
   Heinrich-Hertz-Strasse 3-7
   Darmstadt 64295
   Germany

   Email: R.Jesske@telekom.de

   Thomas Stach

End of changes. 29 change blocks. 46 lines changed or deleted, 57 lines changed or added.

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/