On 9/3/2011 8:10 AM, Eric Rescorla wrote:
> On Fri, Sep 2, 2011 at 11:17 AM, Matthew Kaufman
> <matthew.kaufman@skype.net> wrote:
>
>> DTLS is even
>> more obvious of course.
> Indeed. Experience has shown that designing even this kind of simple security
> protocol is hard. In this case it seems extraordinarily inadvisable given that we
> have a well-defined IETF Standards Track protocol designed specifically for
> the purpose of securing datagram transmissions.
>

This just gives more weight to:

prefer DTLS-SRTP for media (and DTLS for data)
allow plain RTP for media (but not allow data when plain RTP is in use)
disallow SRTP (and data) with any other type of keying (i.e. SDES)

or, perhaps even better, disallow plain RTP for media as well.

Matthew Kaufman

Received on Monday, 5 September 2011 03:56:21 UTC