[114686] in cryptography@c2.net mail archive


Re: Gutmann Soundwave Therapy

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Feb 6 13:22:06 2008

From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: ekr@networkresonance.com, jamesd@echeque.com
Cc: cryptography@metzdowd.com, guus@sliepen.org,
	krstic@solarsail.hcs.harvard.edu
In-Reply-To: <20080204005649.27B2E50848@romeo.rtfm.com>
Date: Mon, 04 Feb 2008 23:33:07 +1300

Eric Rescorla <ekr@networkresonance.com> writes:

>I don't propose to get into an extended debate about whether it is better to
>use SRTP or to use generic DTLS. That debate has already happened in IETF and
>SRTP is what the VoIP vendors are doing. However, the good news here is that
>you can use DTLS to key SRTP (draft-ietf-avt-dtls-srtp), so there's no need
>to invent a new key management scheme.

Hmm, given this X-to-key-Y pattern (your DTLS-for-SRTP example, as well as
OpenVPN using ESP with TLS keying), I wonder if it's worth unbundling the key
exchange from the transport?  At the moment there's (at least):

  TLS-keying --+-- TLS transport
               |
               +-- DTLS transport
               |
               +-- IPsec (ESP) transport
               |
               +-- SRTP transport
               |
               +-- Heck, SSH transport if you really want

Is the TLS handshake the universal impedance-matcher of secure-session
mechanisms?

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
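An added example (not code from this thread or its authors) of the "DTLS keys SRTP" pattern Peter is pointing at: the handshake's master secret is run through the TLS keying-material exporter (RFC 5705) with the label and key/salt split that RFC 5764, the published form of draft-ietf-avt-dtls-srtp, specifies, so the transport (SRTP) gets its keys without a separate key-management protocol. The master secret and handshake randoms below are constructed sample values, and the key/salt sizes assume the AES-128-CM / HMAC-SHA1-80 profile.

```python
import hmac
import hashlib


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_SHA256 expansion (RFC 5246 s.5): A(0)=seed, A(i)=HMAC(secret, A(i-1))."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def tls_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def tls_exporter(master_secret: bytes, client_random: bytes,
                 server_random: bytes, label: bytes, length: int) -> bytes:
    """RFC 5705 exporter without context: PRF(master, label, client_random + server_random)."""
    return tls_prf(master_secret, label, client_random + server_random, length)


def dtls_srtp_keys(master_secret: bytes, client_random: bytes, server_random: bytes,
                   key_len: int = 16, salt_len: int = 14) -> dict:
    """Derive SRTP master keys/salts as RFC 5764 s.4.2 does.

    The exporter output (2 * (key_len + salt_len) bytes) is split in the order
    client key, server key, client salt, server salt. Defaults fit AES-128-CM/HMAC-SHA1-80.
    """
    total = 2 * (key_len + salt_len)
    km = tls_exporter(master_secret, client_random, server_random,
                      b"EXTRACTOR-dtls_srtp", total)
    return {
        "client_write_key": km[0:key_len],
        "server_write_key": km[key_len:2 * key_len],
        "client_write_salt": km[2 * key_len:2 * key_len + salt_len],
        "server_write_salt": km[2 * key_len + salt_len:total],
    }


# Constructed sample inputs (not real handshake values): a 48-byte master
# secret and two 32-byte handshake randoms, the sizes a DTLS handshake yields.
SAMPLE_MASTER_SECRET = bytes(range(48))
SAMPLE_CLIENT_RANDOM = b"\x11" * 32
SAMPLE_SERVER_RANDOM = b"\x22" * 32

if __name__ == "__main__":
    for name, value in dtls_srtp_keys(SAMPLE_MASTER_SECRET, SAMPLE_CLIENT_RANDOM,
                                      SAMPLE_SERVER_RANDOM).items():
        print(f"{name}: {value.hex()}")
```

Because the SRTP keys are a pure function of the DTLS handshake secrets, both endpoints derive identical keys with no extra messages, which is exactly what makes the handshake reusable as a keying front end for another transport.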
