rfcdiff: draft-ietf-perc-private-media-framework-11.txt vs. draft-ietf-perc-private-media-framework-12.txt
(unchanged text is shown once; where the two versions differ, the -11 text is given in brackets)

Network Working Group                                         P. Jones
Internet-Draft                                                   Cisco
Intended status: Standards Track                             D. Benham
Expires: December 7, 2019 [-11: November 22, 2019]           C. Groves
                                                           Independent
June 5, 2019 [-11: May 21, 2019]

A Solution Framework for Private Media in Privacy Enhanced RTP
Conferencing (PERC)
draft-ietf-perc-private-media-framework-12 [-11: draft-ietf-perc-private-media-framework-11]
Abstract

This document describes a solution framework for ensuring that media
confidentiality and integrity are maintained end-to-end within the
context of a switched conferencing environment where media
distributors are not trusted with the end-to-end media encryption
keys. The solution builds upon existing security mechanisms defined
for the real-time transport protocol (RTP).
[... unchanged text skipped; next change at page 1, line 38 ...]
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

This Internet-Draft will expire on December 7, 2019 [-11: November 22, 2019].

Copyright Notice

Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
[... unchanged text skipped; next change at page 3, line 29 ...]
only a subset of flows based on voice activity detection or other
criteria. In some instances, Media Distributors may make limited
modifications to RTP [RFC3550] headers, for example, but the actual
media content (e.g., voice or video data) is unaltered.

An advantage of switched conferencing is that Media Distributors can
be more easily deployed on general-purpose computing hardware,
including virtualized environments in private and public clouds.
Virtualized public cloud environments have been viewed as less secure
since resources are not always physically controlled by those who use
them [-11 also read: "and since there are usually several ports open
to the public"]. This document defines improved security so as to
lower the barrier to taking advantage of those environments.

This document defines a solution framework wherein media privacy is
ensured by making it impossible for a Media Distributor to gain
access to keys needed to decrypt or authenticate the actual media
content sent between conference participants. At the same time, the
framework allows for the Media Distributors to modify certain RTP
headers; add, remove, encrypt, or decrypt RTP header extensions; and
encrypt and decrypt RTP Control Protocol (RTCP) [RFC3550] packets.
The framework also prevents replay attacks by authenticating each
packet transmitted between a given participant and the Media
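The trust split described in the paragraph above, as an added illustrative model that is not part of the draft or of any PERC implementation: a participant applies an end-to-end (E2E) layer whose key the Media Distributor never receives, then a hop-by-hop (HBH) layer that the Media Distributor can verify, strip and re-apply while rewriting a hop-by-hop header extension, and each hop rejects replays of an already-authenticated sequence number. The key names, the packet fields, the choice of which header fields the E2E tag covers, the HMAC-SHA256 based toy cipher and the sample payload are all assumptions constructed for this example; the real SRTP transforms, the exact set of mutable header fields and the RTCP handling are not shown and are not implied by this code.

```python
# Added illustrative model (not the PERC draft's own code): two protection
# layers on one "RTP packet". The E2E key is shared only by participants;
# the HBH key is shared with the Media Distributor (MD). HMAC-SHA256 supplies
# both the toy keystream and the tags; real SRTP uses AES-CTR/AES-GCM, so this
# models the trust split only and is not a production cipher.
import hmac
import hashlib
import struct
from dataclasses import dataclass, replace

TAG_LEN = 16


def _tag(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Length-prefixed HMAC-SHA256 over the parts, truncated to TAG_LEN."""
    h = hmac.new(key, label, hashlib.sha256)
    for part in parts:
        h.update(struct.pack(">I", len(part)))
        h.update(part)
    return h.digest()[:TAG_LEN]


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy counter-mode keystream derived from HMAC-SHA256 (model only)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass(frozen=True)
class Packet:
    ssrc: int
    seq: int          # 16-bit RTP sequence number (assumed field set)
    ts: int
    hbh_ext: bytes    # hop-by-hop header extension; the MD may rewrite it
    body: bytes       # protected payload plus tag(s)


def _e2e_aad(p: Packet) -> bytes:
    # Model choice: ssrc/seq/ts are bound end-to-end, so the MD cannot
    # change them without the receiver's E2E check failing.
    return struct.pack(">IHI", p.ssrc, p.seq, p.ts)


def _hbh_aad(p: Packet) -> bytes:
    # The hop layer additionally covers the hop-mutable header extension.
    return _e2e_aad(p) + p.hbh_ext


def e2e_protect(e2e_key: bytes, p: Packet, payload: bytes) -> bytes:
    aad = _e2e_aad(p)
    ct = _xor_stream(e2e_key, b"e2e" + aad, payload)
    return ct + _tag(e2e_key, b"e2e-auth", aad, ct)


def e2e_unprotect(e2e_key: bytes, p: Packet, inner: bytes) -> bytes:
    ct, tag = inner[:-TAG_LEN], inner[-TAG_LEN:]
    aad = _e2e_aad(p)
    if not hmac.compare_digest(tag, _tag(e2e_key, b"e2e-auth", aad, ct)):
        raise ValueError("E2E authentication failed")
    return _xor_stream(e2e_key, b"e2e" + aad, ct)


def hbh_protect(hbh_key: bytes, p: Packet, inner: bytes) -> Packet:
    aad = _hbh_aad(p)
    ct = _xor_stream(hbh_key, b"hbh" + aad, inner)
    return replace(p, body=ct + _tag(hbh_key, b"hbh-auth", aad, ct))


class HopReceiver:
    """Receiving side of one hop: verifies the HBH tag, then rejects replays."""

    def __init__(self, hbh_key: bytes):
        self.key = hbh_key
        self.seen = set()

    def unprotect(self, p: Packet) -> bytes:
        ct, tag = p.body[:-TAG_LEN], p.body[-TAG_LEN:]
        aad = _hbh_aad(p)
        if not hmac.compare_digest(tag, _tag(self.key, b"hbh-auth", aad, ct)):
            raise ValueError("HBH authentication failed")
        if (p.ssrc, p.seq) in self.seen:      # seq was authenticated above
            raise ValueError("replayed packet")
        self.seen.add((p.ssrc, p.seq))
        return _xor_stream(self.key, b"hbh" + aad, ct)


def sender_protect(e2e_key: bytes, hbh_key: bytes, p: Packet, payload: bytes) -> Packet:
    # Participant -> MD: inner E2E layer first, then the HBH layer for this hop.
    return hbh_protect(hbh_key, p, e2e_protect(e2e_key, p, payload))


def md_forward(hop_in: HopReceiver, hbh_key_out: bytes, p: Packet, new_ext: bytes) -> Packet:
    # The MD strips its hop layer, rewrites the hop-by-hop extension and
    # re-protects for the next hop. It holds no E2E key and never sees media.
    inner = hop_in.unprotect(p)
    return hbh_protect(hbh_key_out, replace(p, hbh_ext=new_ext), inner)


def receiver_unprotect(hop_in: HopReceiver, e2e_key: bytes, p: Packet) -> bytes:
    return e2e_unprotect(e2e_key, p, hop_in.unprotect(p))


def run_demo() -> dict:
    e2e_key = b"e2e-key-shared-by-participants!!"            # constructed; MD never holds it
    hbh_a, hbh_b = b"hbh-key-alice<->md", b"hbh-key-md<->bob"  # constructed hop keys
    payload = b"\x80\x60" + b"OPUS-FRAME-constructed-sample"    # constructed sample media
    p = Packet(ssrc=0xDEADBEEF, seq=1, ts=160, hbh_ext=b"", body=b"")
    md_in, bob_in = HopReceiver(hbh_a), HopReceiver(hbh_b)

    wire_a = sender_protect(e2e_key, hbh_a, p, payload)
    md_view = HopReceiver(hbh_a).unprotect(wire_a)   # what the MD can see: E2E ciphertext
    wire_b = md_forward(md_in, hbh_b, wire_a, new_ext=b"md-added-ext")
    delivered = receiver_unprotect(bob_in, e2e_key, wire_b)

    # A node holding only HBH keys flips a bit inside the E2E ciphertext and
    # re-authenticates the hop layer: the HBH check passes, the E2E check fails.
    tampered = bytearray(md_view)
    tampered[0] ^= 1
    forged = hbh_protect(hbh_b, replace(wire_a, hbh_ext=b"x"), bytes(tampered))
    try:
        receiver_unprotect(HopReceiver(hbh_b), e2e_key, forged)
        tamper_rejected = False
    except ValueError as exc:
        tamper_rejected = "E2E" in str(exc)

    # Replaying wire_b to Bob: the authenticated seq was already seen on this hop.
    try:
        receiver_unprotect(bob_in, e2e_key, wire_b)
        replay_rejected = False
    except ValueError as exc:
        replay_rejected = "replayed" in str(exc)

    return {
        "delivered": delivered,
        "md_saw_plaintext": payload in md_view,
        "tamper_rejected": tamper_rejected,
        "replay_rejected": replay_rejected,
    }
```

Because the E2E tag covers ssrc/seq/ts in this model, the Media Distributor can add or rewrite the hop-by-hop extension and re-key the outer layer for the next hop, but any change to the media or to the E2E-bound header fields is caught by the receiver's inner check; the replay check sits on the hop layer because that is where the sequence number is authenticated for the hop in question.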
End of changes. 5 change blocks; 7 lines changed or deleted, 6 lines changed or added.

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/