|
1.
|
Clear description of the referenced document:
|
|
|
|
Name:
|
IETF RFC 4568 (2006)
|
|
Title:
|
Session Description Protocol (SDP) Security Descriptions for Media Streams, July, 2006
|
|
|
2.
|
Status of approval:
|
|
|
Standards Track RFC
|
|
3.
|
Justification for the specific reference:
|
|
|
The Recommendation deals with the use of SRTP by an H.248 media-gateway. The SRTP key management scheme described in the Recommendation is based on the "crypto" SDP attribute that is defined in RFC 4568.
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
Information on IPR issues regarding RFCs is available at: https://datatracker.ietf.org/ipr/search/. Specifically: https://datatracker.ietf.org/ipr/search/?option=rfc_search&rfc_search=4568
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
RFC 4568 has been in existence since 2006. This document has been reviewed extensively in the IETF.
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
RFC 4568 is a standards-track document and is currently in the "Proposed Standard" state. Current standards status of this document can be found at ftp://ftp.isi.edu/in-notes/std/std1.txt
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
RFC 4568 specifies a new SDP attribute called "crypto", which is used to signal and negotiate cryptographic parameters for media streams in general, and for SRTP in particular. The methods described in this RFC are among the most widely used for SRTP key management.
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
Normative References/
/
[1] Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, "RTP: A Transport Protocol for Real-Time Applications", STD 64, RFC 3550, July 2003./
/
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997./
/
[3] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session Description Protocol", RFC 4566, July 2006./
/
[4] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 4234, October 2005./
/
[5] Shirey, R., "Internet Security Glossary", FYI 36, RFC 2828, May 2000./
/
[6] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with Session Description Protocol (SDP)", RFC 3264, June 2002./
/
[7] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. Norrman, "The Secure Real-time Transport Protocol (SRTP)", RFC 3711, March 2004./
/
[8] Eastlake 3rd, D., Crocker, S., and J. Schiller, "Randomness Recommendations for Security", RFC 1750, December 1994./
/
[9] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", RFC 3548, July 2003./
/
[10] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 2434, October 1998./
/
Informative References/
/
[11] Andreasen, F. and D. Wing, "Security Preconditions for Session Description Protocol Media Streams", Work in Progress, October 2005./
/
[12] Andreasen, F., "Session Description Protocol (SDP) Simple Capability Declaration", RFC 3407, October 2002./
/
[13] Bellovin, S., "Problem Areas for the IP Security Protocols," in Proceedings of the Sixth Usenix Unix Security Symposium, pp. 1-16, San Jose, CA, July 1996./
/
[14] Baugher, M., Weis, B., Hardjono, T., and H. Harney, "The Group Domain of Interpretation", RFC 3547, July 2003./
/
[15] Sakane, S., Kamada, K., Thomas, M. and J. Vilhuber, "Kerberized Internet Negotiation of Keys (KINK)", RFC 4430, March 2006./
/
[16] Kaufman, C., "Internet Key Exchange (IKEv2) Protocol", RFC 4306, December 2005./
/
[17] Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301, December 2005./
/
[18] Westerlund, M., "A Transport Independent Bandwidth Modifier for the Session Description Protocol (SDP)", RFC 3890, September 2004./
/
[19] Rosenberg, J. and H. Schulzrinne, "An RTP Payload Format for Generic Forward Error Correction", RFC 2733, December 1999./
/
[20] Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2004./
/
[21] Elkins, M., "MIME Security with Pretty Good Privacy (PGP)", RFC 2015, October 1996./
/
[22] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC 2246, January 1999./
/
[23] Arkko, J., Carrara, E., Lindholm, F., Naslund, M., and K. Norrman, "Key Management Extensions for Session Description Protocol (SDP) and Real Time Streaming Protocol (RTSP)", RFC 4567, July 2006./
/
[24] Arkko, J., Carrara, E., Lindholm, F., Naslund, M., and K. Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830, August 2004./
/
[25] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- Hashing for Message Authentication", RFC 2104, February 1997./
/
[26] Krawczyk, H., "SKEME: A Versatile Secure Key Exchange Mechanism for the Internet", ISOC Secure Networks and Distributed Systems Symposium, San Diego, 1996./
/
[27] Camarillo, G., Marshall, W., and J. Rosenberg, "Integration of Resource Management and Session Initiation Protocol (SIP)", RFC 3312, October 2002./
/
[28] Handley, M., Perkins, C., and E. Whelan, "Session Announcement Protocol", RFC 2974, October 2000./
/
[29] Ott, J. and E. Carrara, "Extended Secure RTP Profile for RTCP-based Feedback (RTP/SAVPF)", work in progress, October 2003./
/
[30] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002./
/
[31] Rosenberg, J., "The Session Initiation Protocol (SIP) UPDATE Method", RFC 3311, September 2002./
|
|
9.
|
Qualification of
ISOC/IETF:
|
|
|
9.1-9.6 Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7 The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8 Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
|
|
10.
|
Other (for any supplementary information):
|
|
|
References should always be made to RFC numbers (and not by other designations such as STD, BCP, etc.). References not to be made to documents referred to as "Internet Drafts" or RFCs categorized as "Historic". Normative references should not be made to RFCs that are not standards, for example, "Informational" and "Experimental" RFCs.
|
|
