On 3/22/07, Neil Piercy <[EMAIL PROTECTED]> wrote: > Attached are patches which provide a basic dissection of Secure RTP/RTCP > profile: > > - display of the fields used in the SRTP & SRTCP payloads > > - deliberate prevention of the normal dissection of the encrypted payloads > > - addition of a callable interface to add SRTP (rather than RTP) streams > from signalling protocols. > > There are no signalling protocols using this yet - I have a currently > private protocol which uses it, but I think SRTP/SRTCP support is of wider > relevance. > > It has passed testing with our usage of these functions, but we certainly > don't exercise all paths, so all comment and testing welcome. > > Ideally I (or somebody else) will go on to add decryption - some hooks are > already in the header files for this - and subsequent dissection of the > payload. > > I'd also welcome any views on how to handle RTP profiles in general in > Wireshark, especially for non-signalled RTP captures: having lots of user > preferences sounds to me like it will get out of hand, but without that I'm > not sure how to deal with RTP payloads - de we need another layer of "Decode > As..." for RTP payloads ?
What about heuristics? is there some sort of magic we can use to determine if it is SRTP? is there a checksum or similar info we can check? > Regards, > Neil > > > _______________________________________________ > Wireshark-dev mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-dev > > > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
