AVT Working Group                                                D. Wing
Internet-Draft                                                     Cisco
Updates:  4568, 3711                                   December 22, 2009
(if approved)
Intended status:  Standards Track
Expires:  June 25, 2010


                 Policy for Registering SRTP Transforms
                    draft-wing-avt-register-srtp-02

Abstract

   IETF procedure requires country-specific cryptographic transforms to
   be Informational RFCs.  This document allows such Informational RFCs
   to be used by SRTP and SRTP Security Descriptions.

Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 25, 2010.

Copyright Notice




Wing                      Expires June 25, 2010                 [Page 1]

Internet-Draft   Policy for Registering SRTP Transforms    December 2009


   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the BSD License.


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Security Considerations . . . . . . . . . . . . . . . . . . . . 3
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 3
   4.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . 3
   5.  Normative References  . . . . . . . . . . . . . . . . . . . . . 3
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . . 4





























Wing                      Expires June 25, 2010                 [Page 2]

Internet-Draft   Policy for Registering SRTP Transforms    December 2009


.  Introduction

   It is desirable to extend SRTP and its keying mechanisms to support
   country-specific cryptographic transforms.  This document resolves a
   clash between IETF procedure and existing RFCs.  IETF procedure
   requires that country-specific cryptographic transforms be published
   as Informational RFCs [[citation needed]], but existing documents
   require extensions to SRTP and extensions to SRTP keying to be
   published as Standards-Track RFCs.

   The IANA Considerations section of this document resolves this clash
   by allowing Informational RFCs to register new cryptographic
   transforms.


.  Security Considerations

   This specification makes it easier for new cryptographic transforms
   to be used with SRTP.  However, this specifications does not lift the
   requirement that cryptographic transforms is subject to IETF Review
   to ensure their appropriateness and level of security.


.  IANA Considerations

   This document updates Section 6 and 12 of [RFC3711] and Section
   10.3.2.1 of [RFC4568].  The update of [RFC4568] also updates the
   requirements to register a new SRTP Crypto Suite at [SDESC].

   After publication of this document, new SRTP cryptographic transforms
   MUST be allocated by IANA using the "IETF Review" policy of [RFC5226]
   using either Informational or Standards-track RFCs.


.  Acknowledgements

   Thanks to Roni Even for guidance on this document.  Thanks to Carlos
   Pignataro and Brian Weis and for their review comments.

   This document was produced using version 1.35pre1 of XML2RFC.


.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3711]  Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.



Wing                      Expires June 25, 2010                 [Page 3]

Internet-Draft   Policy for Registering SRTP Transforms    December 2009


              Norrman, "The Secure Real-time Transport Protocol (SRTP)",
              RFC 3711, March 2004.

   [RFC4568]  Andreasen, F., Baugher, M., and D. Wing, "Session
              Description Protocol (SDP) Security Descriptions for Media
              Streams", RFC 4568, July 2006.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              May 2008.

   [SDESC]    IANA, "SDP Security Descriptions: SRTP Crypto Suite
              Registrations", December 2009, <http://www.iana.org/
              assignments/sdp-security-descriptions>.


Author's Address

   Dan Wing
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA  95134
   USA

   Email:  dwing@cisco.com


























Wing                      Expires June 25, 2010                 [Page 4]