The RFC Archive
 The RFC Archive   RFC 8643   « Jump to any RFC number directly 
 RFC Home
Full RFC Index
Recent RFCs
RFC Standards
Best Current Practice
RFC Errata
1 April RFC



IETF RFC 8643



Last modified on Saturday, August 10th, 2019

Permanent link to RFC 8643
Search GitHub Wiki for RFC 8643
Show other RFCs mentioning RFC 8643







Internet Engineering Task Force (IETF)                       A. Johnston
Request for Comments: 8643                          Villanova University
Category: Informational                                       B. Aboba
ISSN: 2070-1721                                                Microsoft
                                                               A. Hutton
                                                                    Atos
                                                               R. Jesske
                                                        Deutsche Telekom
                                                                T. Stach
                                                            Unaffiliated
                                                             August 2019


   An Opportunistic Approach for Secure Real-time Transport Protocol
                                (OSRTP)

 Abstract

   Opportunistic Secure Real-time Transport Protocol (OSRTP) is an
   implementation of the Opportunistic Security mechanism, as defined in
   RFC 7435, applied to the Real-time Transport Protocol (RTP).  OSRTP
   allows encrypted media to be used in environments where support for
   encryption is not known in advance and is not required.  OSRTP does
   not require Session Description Protocol (SDP) extensions or features
   and is fully backwards compatible with existing implementations using
   encrypted and authenticated media and implementations that do not
   encrypt or authenticate media packets.  OSRTP is not specific to any
   key management technique for Secure RTP (SRTP).  OSRTP is a
   transitional approach useful for migrating existing deployments of
   real-time communications to a fully encrypted and authenticated
   state.

 Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are candidates for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/RFC 8643.




Johnston, et al.              Informational                  PAGE 1 top


RFC 8643 OSRTP August 2019 Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Applicability Statement . . . . . . . . . . . . . . . . . 3 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 3. SDP Offer/Answer Considerations . . . . . . . . . . . . . . . 3 3.1. Generating the Initial OSRTP Offer . . . . . . . . . . . 4 3.2. Generating the Answer . . . . . . . . . . . . . . . . . . 4 3.3. Offerer Processing the Answer . . . . . . . . . . . . . . 4 3.4. Modifying the Session . . . . . . . . . . . . . . . . . . 5 4. Security Considerations . . . . . . . . . . . . . . . . . . . 5 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 6.1. Normative References . . . . . . . . . . . . . . . . . . 6 6.2. Informative References . . . . . . . . . . . . . . . . . 7 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 1. Introduction Opportunistic Security (OS) [RFC 7435] is an approach to security that defines a third mode for security between "cleartext" and "comprehensive protection" that allows encryption and authentication of media to be used if supported but will not result in failures if it is not supported. In the context of the transport of secure media streams using RTP and its secured derivatives, cleartext is represented by an RTP [RFC 3550] media stream that is negotiated with the RTP/AVP (Audio-Visual Profile) [RFC 3551] or the RTP/AVPF profile [RFC 4585], whereas comprehensive protection is represented by a Secure RTP [RFC 3711] stream negotiated with a secure profile, such as SAVP or SAVPF [RFC 5124]. OSRTP allows SRTP to be negotiated with the RTP/AVP profile, with fallback to RTP if SRTP is not supported. Johnston, et al. Informational PAGE 2 top

RFC 8643 OSRTP August 2019 There have been some extensions to SDP to allow profiles to be negotiated, such as SDP Capabilities Negotiation (SDPCapNeg) [RFC 5939]. However, these approaches are complex and have very limited deployment in communication systems. Other key management protocols for SRTP that have been developed, such as ZRTP [RFC 6189], use OS by design. This approach for OSRTP is based on [Kaplan06] where it was called "best effort SRTP". [Kaplan06] has a full discussion of the motivation and requirements for opportunistic secure media. OSRTP uses the presence of SRTP keying-related attributes in an SDP offer to indicate support for opportunistic secure media. The presence of SRTP keying-related attributes in the SDP answer indicates that the other party also supports OSRTP and that encrypted and authenticated media will be used. OSRTP requires no additional extensions to SDP or new attributes and is defined independently of the key agreement mechanism used. OSRTP is only usable when media is negotiated using the Offer/Answer protocol [RFC 3264]. 1.1. Applicability Statement OSRTP is a transitional approach that provides a migration path from unencrypted communication (RTP) to fully encrypted communication (SRTP). It is only to be used in existing deployments that are attempting to transition to fully secure communications. New applications and new deployments will not use OSRTP. 2. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC 2119] [RFC 8174] when, and only when, they appear in all capitals, as shown here. 3. SDP Offer/Answer Considerations This section defines the SDP offer/answer considerations for opportunistic security. The procedures are for a specific "m=" section describing RTP-based media. If an SDP offer or answer contains multiple such "m=" sections, the procedures are applied to each "m=" section individually. "Initial OSRTP offer" refers to the offer in which opportunistic security is offered for an "m=" section for the first time within an SDP session. Johnston, et al. Informational PAGE 3 top

RFC 8643 OSRTP August 2019 It is important to note that OSRTP makes no changes to and has no effect on media sessions in which the offer contains a secure profile of RTP, such as SAVP or SAVPF. As discussed in [RFC 7435], that is the "comprehensive protection" for media mode. 3.1. Generating the Initial OSRTP Offer To indicate support for OSRTP in an SDP offer, the offerer uses the RTP/AVP profile [RFC 3551] or the RTP/AVPF profile [RFC 4585] but includes SRTP keying attributes. OSRTP is not specific to any key management technique for SRTP, and multiple key management techniques can be included on the SDP offer. For example: If the offerer supports DTLS-SRTP key agreement [RFC 5763], then an "a=fingerprint" attribute will be present. Or: If the offerer supports SDP Security Descriptions key agreement [RFC 4568], then an "a=crypto" attribute will be present. Or: If the offerer supports ZRTP key agreement [RFC 6189], then an "a=zrtp-hash" attribute will be present. 3.2. Generating the Answer To accept OSRTP, an answerer receiving an offer indicating support for OSRTP generates an SDP answer containing SRTP keying attributes that match one of the keying methods in the offer. The answer MUST NOT contain attributes from more than one keying method, even if the offer contained multiple keying method attributes. The selected SRTP key management approach is followed, and SRTP media is used for this session. If the SRTP key management fails for any reason, the media session MUST fail. To decline OSRTP, the answerer generates an SDP answer omitting SRTP keying attributes, and the media session proceeds with RTP with no encryption or authentication used. 3.3. Offerer Processing the Answer If the offerer of OSRTP receives an SDP answer that does not contain SRTP keying attributes, then the media session proceeds with RTP. If the SDP answer contains SRTP keying attributes, then the associated SRTP key management approach is followed and SRTP media is used for this session. If the SRTP key management fails, the media session MUST fail. Johnston, et al. Informational PAGE 4 top

RFC 8643 OSRTP August 2019 3.4. Modifying the Session When an offerer generates a subsequent SDP offer, it should do so following the principles of [RFC 6337], meaning that the decision to create the new SDP offer should not be influenced by what was previously negotiated. For example, if a previous OSRTP offer did not result in SRTP being established, the offerer may try again and generate a new OSRTP offer as specified in Section 3.1. 4. Security Considerations The security considerations of [RFC 4568] apply to OSRTP, as well as the security considerations of the particular SRTP key agreement approach used. However, the authentication requirements of a particular SRTP key agreement approach are relaxed when that key agreement is used with OSRTP, which is consistent with the Opportunistic Security approach described in [RFC 7435]. For example: For DTLS-SRTP key agreement [RFC 5763], an authenticated signaling channel does not need to be used with OSRTP if it is not available. For SDP Security Descriptions key agreement [RFC 4568], an authenticated signaling channel does not need to be used with OSRTP if it is not available, although an encrypted signaling channel MUST still be used. For ZRTP key agreement [RFC 6189], the security considerations are unchanged, since ZRTP does not rely on the security of the signaling channel. While OSRTP does not require authentication of the key agreement mechanism, it does need to avoid exposing SRTP keys to eavesdroppers, since this could enable passive attacks against SRTP. Section 8.3 of [RFC 4568] requires that any messages that contain SRTP keys be encrypted, and further says that encryption SHOULD provide end-to-end confidentiality protection if intermediaries that could inspect the SDP message are present. At the time of this writing, it is understood that the requirement in [RFC 4568] for end-to-end confidentiality protection is commonly ignored. Therefore, if OSRTP is used with SDP Security Descriptions, any such intermediaries (e.g., SIP proxies) must be assumed to have access to the SRTP keys. As discussed in [RFC 7435], OSRTP is used in cases where support for encryption by the other party is not known in advance and is not required. For cases where it is known that the other party supports SRTP or SRTP needs to be used, OSRTP MUST NOT be used. Instead, a secure profile of RTP is used in the offer. Johnston, et al. Informational PAGE 5 top

RFC 8643 OSRTP August 2019 5. IANA Considerations This document has no actions for IANA. 6. References 6.1. Normative References [RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC 2119, March 1997, <https://www.rfc-editor.org/info/RFC 2119>. [RFC 3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with Session Description Protocol (SDP)", RFC 3264, DOI 10.17487/RFC 3264, June 2002, <https://www.rfc-editor.org/info/RFC 3264>. [RFC 3550] Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, "RTP: A Transport Protocol for Real-Time Applications", STD 64, RFC 3550, DOI 10.17487/RFC 3550, July 2003, <https://www.rfc-editor.org/info/RFC 3550>. [RFC 3551] Schulzrinne, H. and S. Casner, "RTP Profile for Audio and Video Conferences with Minimal Control", STD 65, RFC 3551, DOI 10.17487/RFC 3551, July 2003, <https://www.rfc-editor.org/info/RFC 3551>. [RFC 3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. Norrman, "The Secure Real-time Transport Protocol (SRTP)", RFC 3711, DOI 10.17487/RFC 3711, March 2004, <https://www.rfc-editor.org/info/RFC 3711>. [RFC 4568] Andreasen, F., Baugher, M., and D. Wing, "Session Description Protocol (SDP) Security Descriptions for Media Streams", RFC 4568, DOI 10.17487/RFC 4568, July 2006, <https://www.rfc-editor.org/info/RFC 4568>. [RFC 4585] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, "Extended RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC 4585, DOI 10.17487/RFC 4585, July 2006, <https://www.rfc-editor.org/info/RFC 4585>. [RFC 5124] Ott, J. and E. Carrara, "Extended Secure RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/SAVPF)", RFC 5124, DOI 10.17487/RFC 5124, February 2008, <https://www.rfc-editor.org/info/RFC 5124>. Johnston, et al. Informational PAGE 6 top

RFC 8643 OSRTP August 2019 [RFC 5763] Fischl, J., Tschofenig, H., and E. Rescorla, "Framework for Establishing a Secure Real-time Transport Protocol (SRTP) Security Context Using Datagram Transport Layer Security (DTLS)", RFC 5763, DOI 10.17487/RFC 5763, May 2010, <https://www.rfc-editor.org/info/RFC 5763>. [RFC 6189] Zimmermann, P., Johnston, A., Ed., and J. Callas, "ZRTP: Media Path Key Agreement for Unicast Secure RTP", RFC 6189, DOI 10.17487/RFC 6189, April 2011, <https://www.rfc-editor.org/info/RFC 6189>. [RFC 7435] Dukhovni, V., "Opportunistic Security: Some Protection Most of the Time", RFC 7435, DOI 10.17487/RFC 7435, December 2014, <https://www.rfc-editor.org/info/RFC 7435>. [RFC 8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC 8174, May 2017, <https://www.rfc-editor.org/info/RFC 8174>. 6.2. Informative References [Kaplan06] Kaplan, H. and F. Audet, "Session Description Protocol (SDP) Offer/Answer Negotiation For Best-Effort Secure Real-Time Transport Protocol", Work in Progress, draft-kaplan-mmusic-best-effort-srtp-01, October 2006. [RFC 5939] Andreasen, F., "Session Description Protocol (SDP) Capability Negotiation", RFC 5939, DOI 10.17487/RFC 5939, September 2010, <https://www.rfc-editor.org/info/RFC 5939>. [RFC 6337] Okumura, S., Sawada, T., and P. Kyzivat, "Session Initiation Protocol (SIP) Usage of the Offer/Answer Model", RFC 6337, DOI 10.17487/RFC 6337, August 2011, <https://www.rfc-editor.org/info/RFC 6337>. Acknowledgements This document is dedicated to our friend and colleague Francois Audet who is greatly missed in our community. His work on improving security in SIP and RTP provided the foundation for this work. Thanks to Eric Rescorla, Martin Thomson, Christer Holmberg, and Richard Barnes for their comments. Johnston, et al. Informational PAGE 7 top

RFC 8643 OSRTP August 2019 Authors' Addresses Alan Johnston Villanova University Villanova, PA United States of America Email: alan.b.johnston@gmail.com Bernard Aboba Microsoft One Microsoft Way Redmond, WA 98052 United States of America Email: bernard.aboba@gmail.com Andrew Hutton Atos Mid City Place London WC1V 6EA United Kingdom Email: andrew.hutton@atos.net Roland Jesske Deutsche Telekom Heinrich-Hertz-Strasse 3-7 Darmstadt 64295 Germany Email: R.Jesske@telekom.de Thomas Stach Unaffiliated Email: thomass.stach@gmail.com Johnston, et al. Informational PAGE 8 top

RFC TOTAL SIZE: 18189 bytes PUBLICATION DATE: Saturday, August 10th, 2019 LEGAL RIGHTS: The IETF Trust (see BCP 78)


RFC-ARCHIVE.ORG

© RFC 8643: The IETF Trust, Saturday, August 10th, 2019
© the RFC Archive, 2024, RFC-Archive.org
Maintainer: J. Tunnissen

Privacy Statement