Thanks Jonathan for the details. I see all of them are the drafts for the "Opportunistic SRTP" but not the RFCs so isn't it the(sending the above SDP) is violation of RFC 4568 if the offer-er supports it.
please pardon my knowledge on SRTP as I'm relatively new on this. Cheers, Aman On Tue, Nov 7, 2017 at 11:08 PM, Jonathan Lennox <len...@cs.columbia.edu> wrote: > On Tuesday, November 7 2017, "Aman" wrote to "sip-implementors" saying: > > > Hi All, > > > > Is sending the crypto attribute to secure the RTP with the media line > > saying "RTP/AVP" is correct way to demonstrate remote end point to choose > > if they want to have a secure RTP or non-secure RTP as per the RFC 4568? > > This is known as "opportunistic SRTP". It has been fairly common practice > for over a decade, but is only now being formally standardized by the IETF. > > See https://tools.ietf.org/html/draft-ietf-mmusic- > opportunistic-negotiation-01 > and https://tools.ietf.org/html/draft-ietf-sipbrandy-osrtp-02 for the > current work (the latter also includes some discussion of the history), and > https://tools.ietf.org/html/draft-kaplan-mmusic-best-effort-srtp-01 for > the > original proposal from 2006. > > > I mean is following a correct SDP offer, > > > > v=0 > > o=jdoe 2890844526 2890842807 IN IP4 10.47.16.5 > > s=SDP Seminar > > i=A Seminar on the session description protocol > > u=http://www.example.com/seminars/sdp.pdf > > e=j....@example.com (Jane Doe) > > c=IN IP4 161.44.17.12/127 > > t=2873397496 2873404696 > > m=video 51372 RTP/AVP 31 > > a=crypto:1 AES_CM_128_HMAC_SHA1_80 > > inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 > > m=audio 49170 RTP/AVP 0 > > a=crypto:1 AES_CM_128_HMAC_SHA1_32 > > inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 > > m=application 32416 udp wb > > a=orient:portrait > > > > If yes, so answerer can decide if they want to have a secure RTP or not. > > > > but as per RFC 4568 section 6, it is not, but I have seen some > call-agents > > sending offer as above. > > > > ... > > > > SRTP security descriptions MUST only be used with the SRTP transport > > (e.g., "RTP/SAVP" or "RTP/SAVPF"). The following specifies security > > descriptions for the "RTP/SAVP" profile, defined in [RFC3711 > > <https://tools.ietf.org/html/rfc3711>]. > > However, it is expected that other secure RTP profiles (e.g., > > "RTP/SAVPF") can use the same descriptions, which are in accordance > > with the SRTP protocol specification [RFC3711 > > <https://tools.ietf.org/html/rfc3711>]. > > > > ... > > -- > Jonathan Lennox > len...@cs.columbia.edu > _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
