Key Management Extensions for Session Description Protocol (SDP) and Real Time Streaming Protocol (RTSP)
RFC 4567
Document Type RFC - Proposed Standard (July 2006; Errata)
Last updated 2018-12-20
Stream IETF
Formats plain text html pdf htmlized with errata bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state RFC 4567 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Jon Peterson
Send notices to <jo@acm.org>, <csp@csperkins.org>
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                           J. Arkko
Request for Comments: 4567                                   F. Lindholm
Category: Standards Track                                     M. Naslund
                                                              K. Norrman
                                                                Ericsson
                                                              E. Carrara
                                           Royal Institute of Technology
                                                               July 2006

           Key Management Extensions for Session Description
         Protocol (SDP) and Real Time Streaming Protocol (RTSP)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document defines general extensions for Session Description
   Protocol (SDP) and Real Time Streaming Protocol (RTSP) to carry
   messages, as specified by a key management protocol, in order to
   secure the media.  These extensions are presented as a framework, to
   be used by one or more key management protocols.  As such, their use
   is meaningful only when complemented by an appropriate key management
   protocol.

   General guidelines are also given on how the framework should be used
   together with SIP and RTSP.  The usage with the Multimedia Internet
   KEYing (MIKEY) key management protocol is also defined.

Arkko, et al.               Standards Track                     [Page 1]
RFC 4567       Key Management Extensions for SDP and RTSP      July 2006

Table of Contents

   1. Introduction ....................................................3
      1.1. Notational Conventions .....................................4
   2. Applicability ...................................................4
   3. Extensions to SDP and RTSP ......................................5
      3.1. SDP Extensions .............................................5
      3.2. RTSP Extensions ............................................6
   4. Usage with SDP, SIP, RTSP, and SAP ..............................7
      4.1. Use of SDP .................................................8
           4.1.1. General Processing ..................................8
           4.1.2. Use of SDP with Offer/Answer and SIP ...............10
           4.1.3. Use of SDP with SAP ................................13
           4.1.4. Bidding-Down Attack Prevention .....................13
      4.2. RTSP Usage ................................................14
   5. Example Scenarios ..............................................17
      5.1. Example 1 (SIP/SDP) .......................................17
      5.2. Example 2 (SDP) ...........................................18
      5.3. Example 3 (RTSP) ..........................................18
      5.4. Example 4 (RTSP) ..........................................20
   6. Adding Further Key Management Protocols ........................21
   7. Integration of MIKEY ...........................................22
      7.1. MIKEY Interface ...........................................22
   8. Security Considerations ........................................23
   9. IANA Considerations ............................................25
      9.1. SDP Attribute Registration ................................25
      9.2. RTSP Registration .........................................26
      9.3. Protocol Identifier Registration ..........................26
   10. Acknowledgements ..............................................27
   11. References ....................................................27
      11.1. Normative References .....................................27
      11.2. Informative References ...................................28

Arkko, et al.               Standards Track                     [Page 2]
RFC 4567       Key Management Extensions for SDP and RTSP      July 2006

1.  Introduction

   There has recently been work to define a security profile for the
   protection of real-time applications running over RTP, [SRTP].
   However, a security protocol needs a key management solution to
   exchange keys and security parameters, manage and refresh keys, etc.

   A key management protocol is executed prior to the security
   protocol's execution.  The key management protocol's main goal is to,
   in a secure and reliable way, establish a security association for
   the security protocol.  This includes one or more cryptographic keys
   and the set of necessary parameters for the security protocol, e.g.,
   cipher and authentication algorithms to be used.  The key management
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools