The Secure Real-time Transport Protocol (SRTP)
draft-ietf-avt-srtp-09
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
09 | (System) | post-migration administrative database adjustment to the No Objection position for Steven Bellovin |
2003-11-19
|
09 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2003-11-18
|
09 | Amy Vezza | IESG state changed to Approved-announcement sent |
2003-11-18
|
09 | Amy Vezza | IESG has approved the document |
2003-11-18
|
09 | Amy Vezza | Closed "Approve" ballot |
2003-11-10
|
09 | Allison Mankin | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Allison Mankin |
2003-11-09
|
09 | Russ Housley | I looked at draft-ietf-avt-srtp-09. I have the following comments: 1. The revised 1st paragraph in section 1.1 is screaming for a reference to RFC 1750 … I looked at draft-ietf-avt-srtp-09. I have the following comments: 1. The revised 1st paragraph in section 1.1 is screaming for a reference to RFC 1750. 2. Section 2 could still use editing, but I do not think it is important enough to hold up the document. 3. My comments on the last paragraph is section 3.2.3 were not handled. The point was not just to delete a single word. It needs to be discarded, and there needs to be no further processing. |
2003-11-09
|
09 | Allison Mankin | [Note]: 'IESG review 2003-06-26 - Russ Housley Discuss comments will be addressed in 09. Also need to reduce the number of authors (seven currently).' has … [Note]: 'IESG review 2003-06-26 - Russ Housley Discuss comments will be addressed in 09. Also need to reduce the number of authors (seven currently).' has been cleared by Allison Mankin |
2003-07-24
|
09 | Allison Mankin | State Changes to IESG Evaluation :: AD Followup from IESG Evaluation :: Revised ID Needed by Mankin, Allison |
2003-07-23
|
09 | (System) | New version available: draft-ietf-avt-srtp-09.txt |
2003-06-27
|
09 | Allison Mankin | State Changes to IESG Evaluation :: Revised ID Needed from IESG Evaluation by Mankin, Allison |
2003-06-27
|
09 | Allison Mankin | IESG review 2003-06-26 - Russ Housley Discuss comments will be addressed in 09. Also need to reduce the number of authors (seven currently). |
2003-06-27
|
09 | Allison Mankin | Ready for IESG review - last call comments found a few concerns with the treatment of padding and index and these were corrected in a … Ready for IESG review - last call comments found a few concerns with the treatment of padding and index and these were corrected in a new rev |
2003-06-26
|
09 | Allison Mankin | State Changes to IESG Evaluation from IESG Evaluation - Defer by Mankin, Allison |
2003-06-16
|
09 | Jacqueline Hargest | State Changes to IESG Evaluation - Defer from IESG Evaluation - Defer by Hargest, Jacqueline |
2003-06-16
|
09 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie |
2003-06-16
|
09 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Ned Freed |
2003-06-16
|
09 | (System) | [Ballot Position Update] Position for Steven Bellovin has been changed to No Objection from No Record |
2003-06-16
|
09 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Bert Wijnen |
2003-06-16
|
09 | (System) | [Ballot Position Update] New position, Yes, has been recorded for Allison Mankin |
2003-06-16
|
09 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Harald Alvestrand |
2003-06-16
|
09 | (System) | [Ballot Position Update] New position, No Objection, has been recorded for Erik Nordmark |
2003-06-16
|
09 | Steven Bellovin | [Ballot discuss] |
2003-06-16
|
09 | Steven Bellovin | [Ballot discuss] SSRC should be expanded in the text the first time it's used. The IV definition in 4.1.1 has me a bit nervous. Right … [Ballot discuss] SSRC should be expanded in the text the first time it's used. The IV definition in 4.1.1 has me a bit nervous. Right now, it's (k_s << 16) ^ (ssrc << 64) ^ (i << 16), where k_s is the session key, ssrc is the 32-bit synchronization source, and i is the 48-bit packet index. The low-order 16 bits are for the block number within the packet, which is fine. The problem I have is that given the mandated 0-padding, the high-order 32 bits of the IV are from k_s, unmodified by anything else. Furthermore ssrc and i are known to the attacker, and the block count is obvious. This means that the IV is a trivial function of most of the session key. I don't *think* that that's a problem, but any extra use of keys makes me nervous. |
2003-06-16
|
09 | Steven Bellovin | [Ballot discuss] SSRC should be expanded in the text the first time it's used. The IV definition in 4.1.1 has me a bit nervous. Right … [Ballot discuss] SSRC should be expanded in the text the first time it's used. The IV definition in 4.1.1 has me a bit nervous. Right now, it's (k_s << 16) ^ (ssrc << 64) ^ (i << 16), where k_s is the session key, ssrc is the 32-bit synchronization source, and i is the 48-bit packet index. The low-order 16 bits are for the block number within the packet, which is fine. The problem I have is that given the mandated 0-padding, the high-order 32 bits of the IV are from k_s, unmodified by anything else. Furthermore ssrc and i are known to the attacker, and the block count is obvious. This means that the IV is a trivial function of most of the session key. I don't *think* that that's a problem, but any extra use of keys makes me nervous. |
2003-06-16
|
09 | (System) | Ballot has been issued |
2003-06-16
|
09 | Steven Bellovin | [Ballot discuss] SSRC should be expanded in the text the first time it's used. The IV definition in 4.1.1 has me a bit nervous. Right … [Ballot discuss] SSRC should be expanded in the text the first time it's used. The IV definition in 4.1.1 has me a bit nervous. Right now, it's (k_s << 16) ^ (ssrc << 64) ^ (i << 16), where k_s is the session key, ssrc is the 32-bit synchronization source, and i is the 48-bit packet index. The low-order 16 bits are for the block number within the packet, which is fine. The problem I have is that given the mandated 0-padding, the high-order 32 bits of the IV are from k_s, unmodified by anything else. Furthermore ssrc and i are known to the attacker, and the block count is obvious. This means that the IV is a trivial function of most of the session key. I don't *think* that that's a problem, but any extra use of keys makes me nervous. |
2003-06-16
|
09 | Steven Bellovin | Created "Approve" ballot |
2003-06-16
|
09 | (System) | Ballot writeup text was added |
2003-06-16
|
09 | (System) | Last call text was added |
2003-06-16
|
09 | (System) | Ballot approval text was added |
2003-06-11
|
09 | Michael Lee | Deferred by Russ |
2003-06-11
|
09 | Michael Lee | State Changes to IESG Evaluation - Defer from IESG Evaluation by Lee, Michael |
2003-06-08
|
09 | Michael Lee | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Lee, Michael |
2003-06-06
|
09 | Michael Lee | State Changes to Waiting for AD Go-Ahead from Waiting for Writeup by Lee, Michael |
2003-06-03
|
08 | (System) | New version available: draft-ietf-avt-srtp-08.txt |
2003-06-02
|
09 | Allison Mankin | Ready for IESG review - last call comments found a few concerns with the treatment of padding and index and these were corrected in a … Ready for IESG review - last call comments found a few concerns with the treatment of padding and index and these were corrected in a new rev. |
2003-06-02
|
09 | Allison Mankin | State Changes to Waiting for Writeup from In Last Call by Mankin, Allison |
2003-06-02
|
07 | (System) | New version available: draft-ietf-avt-srtp-07.txt |
2003-05-08
|
09 | Jacqueline Hargest | State Changes to In Last Call from Last Call Requested by Hargest, Jacqueline |
2003-05-08
|
09 | Jacqueline Hargest | Status date has been changed to 2003-5-22 from |
2003-05-08
|
09 | (System) | Last call sent |
2003-05-07
|
09 | Allison Mankin | State Changes to Last Call Requested from AD Evaluation by Mankin, Allison |
2003-04-30
|
06 | (System) | New version available: draft-ietf-avt-srtp-06.txt |
2003-01-21
|
09 | Allison Mankin | State Changes to AD Evaluation :: Revised ID Needed from Expert Review :: AD Followup by Mankin, Allison |
2003-01-21
|
09 | Allison Mankin | Responded to the chairs/WG from myself, Ekr and SMB to the AVT list 2003-Jan-20 - the SRTP profile needs to default to an 80-bit MAC … Responded to the chairs/WG from myself, Ekr and SMB to the AVT list 2003-Jan-20 - the SRTP profile needs to default to an 80-bit MAC but have security consideration that explain why it turns it off because of specific numeric error conditions Also expected in the rev will be some language agreed on earlier related to care on sequence numbers due to their great significance in the counter mode vs. the low damage of getting them wrong in normal RTP. SMB wrote to AVT that the important thing is to "make sure implementors who aren't security experts understand the cost-benefit tradeoff" and similarly they need to understand when there are new risks. |
2002-09-20
|
09 | Allison Mankin | Currently evaluating the expert review and will give recommended fixes very shortly. |
2002-09-20
|
09 | Allison Mankin | A new comment added by mankin |
2002-09-20
|
09 | Allison Mankin | State Changes to Expert Review -- Evaluation of Result from Expert Review by mankin |
2002-07-31
|
09 | Allison Mankin | State Changes to Expert Review from AD Evaluation … State Changes to Expert Review from AD Evaluation by mankin |
2002-07-26
|
09 | Allison Mankin | responsible has been changed to mankin from Responsible AD |
2002-07-26
|
09 | Allison Mankin | Teleconference with Ekr and revs on review before sending it to authors and chairs - 20020725 |
2002-07-26
|
09 | Allison Mankin | A new comment added by mankin |
2002-07-23
|
09 | Allison Mankin | responsible has been changed to Responsible AD from Allison |
2002-07-23
|
09 | Allison Mankin | State Changes to AD Evaluation from Pre AD … State Changes to AD Evaluation from Pre AD Evaluation by mankin |
2002-07-23
|
09 | Allison Mankin | Reviewed received from Ekr: 20020723 |
2002-07-23
|
09 | Allison Mankin | A new comment added by mankin |
2002-07-02
|
09 | Stephen Coya | Draft Added by scoya |
2002-06-27
|
05 | (System) | New version available: draft-ietf-avt-srtp-05.txt |
2002-05-08
|
04 | (System) | New version available: draft-ietf-avt-srtp-04.txt |
2002-03-04
|
03 | (System) | New version available: draft-ietf-avt-srtp-03.txt |
2001-11-29
|
02 | (System) | New version available: draft-ietf-avt-srtp-02.txt |
2001-07-25
|
01 | (System) | New version available: draft-ietf-avt-srtp-01.txt |
2001-02-27
|
00 | (System) | New version available: draft-ietf-avt-srtp-00.txt |