Skip to main content

Secure Frame (SFrame)

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: The IESG <>,,,,,,
Subject: Protocol Action: 'Secure Frame (SFrame)' to Proposed Standard (draft-ietf-sframe-enc-09.txt)

The IESG has approved the following document:
- 'Secure Frame (SFrame)'
  (draft-ietf-sframe-enc-09.txt) as Proposed Standard

This document is the product of the Secure Media Frames Working Group.

The IESG contact persons are Murray Kucherawy and Orie Steele.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

   This document describes the Secure Frame (SFrame) end-to-end
   encryption and authentication mechanism for media frames in a
   multiparty conference call, in which central media servers (selective
   forwarding units or SFUs) can access the media metadata needed to
   make forwarding decisions without having access to the actual media.

   The proposed mechanism differs from the Secure Real-Time Protocol
   (SRTP) in that it is independent of RTP (thus compatible with non-RTP
   media transport) and can be applied to whole media frames in order to
   be more bandwidth efficient.

Working Group Summary

   This document is the input document that caused the formation of the SFrame
   working group.  It is substantially the same as that original input on a
   technical level, though many aspects of that design have been tested in the
   working group. The editorial quality is significantly improved and more robust
   security and deployment considerations are now present.  The one major addition
   was the inclusion of a concrete usage of MLS for key management, which was
   originally in a separate draft.

   This work spent a long time without a lot activity, interspersed with short
   bursts of high productivity.  The WG chairs believe that sufficient input has
   been received despite this.

Document Quality

   Implementations and deployments exist.  Test vectors are included and are
   produced and checked by an automated system.

   This document includes a very straightforward integration of AEAD and HKDF.
   Careful security review from outside of the working group will be helpful, but
   this shepherd believes that this has a low risk profile due to the extreme lack
   of novelty.  There is no formal analysis.


   The Document Shepherd for this document is Martin Thomson. The
   Responsible Area Director is Murray Kucherawy.

RFC Editor Note