linphone-developers

Re: [Linphone-developers] Set Master Key for SRTP in linphone


From: Greg Troxel
Subject: Re: [Linphone-developers] Set Master Key for SRTP in linphone
Date: Thu, 04 Jun 2020 06:51:51 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (berkeley-unix)

Mark Murawski <markm-lists@intellasoft.net> writes:

> Here is specific information about how SRTP operates:
> https://tools.ietf.org/html/rfc3711
>
> See this section on Key Derivation:
> https://tools.ietf.org/html/rfc3711#section-4.3.1

[It is still on my TODO list to really understand the entire SRTP ecosystem.]

That explains how to go from a provided master key to individual
algorithm keys, and section 8 talks about external key management.

I realize it's conventional to label this "SRTP" in a UI, but it seems
that these UIs are mislabeled, in that SRTP itself, without an associated
key management scheme, requires providing a key to both endpoints.

When people and programs simply say "SRTP", I think they could mean
either of these:

  Session Description Protocol (SDP) Security Descriptions for Media Streams
  https://tools.ietf.org/html/rfc4568

  SRTP Extension for DTLS
  https://tools.ietf.org/html/rfc5764

The first is about SIP providing keys over the TLS-protected signaling
channel.

The second is within the data channel, but has a scheme to bootstrap
authentication from the signaling channel:

   A DTLS-SRTP session may be indicated by an external signaling
   protocol like SIP.  When the signaling exchange is integrity-
   protected (e.g., when SIP Identity protection via digital signatures
   is used), DTLS-SRTP can leverage this integrity guarantee to provide
   complete security of the media stream.  A description of how to
   indicate DTLS-SRTP sessions in SIP and SDP [RFC4566], and how to
   authenticate the endpoints using fingerprints can be found in
   [RFC5763].


So:

  What is linphone doing when configured for "SRTP"?
  What is linphone doing when configured for "DTLS"?

  Do people think it is a bug that the UI does not make this clear?
  Or is it obvious that SRTP is short for "SDES-SRTP (RFC4568)"?
  And that DTLS is short for RFC5764?
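
[Editor's note: worked example added to this archive page; it is not code from the thread, from linphone, or from libsrtp.] The distinction drawn in the message above is concrete when you follow a master key end to end. With SDES (RFC 4568), the master key and master salt travel in the signaling as one base64 blob on an `a=crypto` line, so anyone who can read the SDP (a SIP proxy, or an attacker on a signaling leg that is not TLS-protected) has the media key. With DTLS-SRTP (RFC 5764), the same master key and salt are instead produced by the DTLS key exporter on both endpoints and never appear in SDP; only a certificate fingerprint does. Either way, what follows is the RFC 3711 section 4.3.1 derivation from master key and salt to session keys. The Go program below parses a constructed `a=crypto` line (the key and salt are the inputs of the RFC 3711 Appendix B.3 key derivation test), runs that derivation, and checks the result against the session keys published there. The function names, the `AES_CM_128_HMAC_SHA1_` suite restriction and the `|2^20|1:4` suffix on the sample line are my choices, not anything from linphone.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// RFC 3711 section 4.3.1 labels (RTP direction): encryption key, auth key, salt.
const labelRTPEncr, labelRTPAuth, labelRTPSalt byte = 0x00, 0x01, 0x02

// srtpKDF is the AES-CM PRF of RFC 3711 section 4.3.1 for one label: key_id = label (8 bits) || r (48 bits)
// with r = index DIV kdr (0 when kdr is 0); x = key_id XOR master_salt (right-aligned); key = AES-CM(master_key, IV = x || 0x0000)[:n].
func srtpKDF(masterKey, masterSalt []byte, label byte, index, kdr uint64, n int) ([]byte, error) {
	if len(masterSalt) != 14 {
		return nil, errors.New("master salt must be 112 bits")
	}
	var r uint64
	if kdr != 0 {
		r = index / kdr
	}
	keyID := []byte{label, 0, 0, 0, 0, 0, 0}
	for i := 0; i < 6; i++ {
		keyID[6-i] = byte(r >> (8 * i)) // r as 48-bit big-endian
	}
	iv := make([]byte, 16)
	copy(iv, masterSalt) // low 16 bits stay zero
	for i := range keyID {
		iv[7+i] ^= keyID[i] // least significant bits of key_id and salt aligned
	}
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	out := make([]byte, n) // zero input, so the output is the raw keystream
	cipher.NewCTR(block, iv).XORKeyStream(out, out)
	return out, nil
}

// DeriveSessionKeys returns the 128-bit encryption key, 160-bit HMAC-SHA1 key and 112-bit session salt.
func DeriveSessionKeys(masterKey, masterSalt []byte, kdr, index uint64) (encr, auth, salt []byte, err error) {
	if encr, err = srtpKDF(masterKey, masterSalt, labelRTPEncr, index, kdr, 16); err != nil {
		return nil, nil, nil, err
	}
	if auth, err = srtpKDF(masterKey, masterSalt, labelRTPAuth, index, kdr, 20); err != nil {
		return nil, nil, nil, err
	}
	salt, err = srtpKDF(masterKey, masterSalt, labelRTPSalt, index, kdr, 14)
	return encr, auth, salt, err
}

// ParseCryptoLine pulls master_key||master_salt out of an RFC 4568 SDES line such as
//   a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:<base64 of 30 bytes>[|lifetime][|MKI:len]
func ParseCryptoLine(line string) (masterKey, masterSalt []byte, err error) {
	f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "a="))
	if len(f) < 3 || !strings.HasPrefix(f[0], "crypto:") ||
		!strings.HasPrefix(f[1], "AES_CM_128_HMAC_SHA1_") || !strings.HasPrefix(f[2], "inline:") {
		return nil, nil, errors.New("not an a=crypto line with an inline AES_CM_128 key")
	}
	blob := strings.TrimPrefix(f[2], "inline:")
	if i := strings.IndexByte(blob, '|'); i >= 0 {
		blob = blob[:i] // drop lifetime / MKI parameters
	}
	raw, err := base64.StdEncoding.DecodeString(blob)
	if err != nil {
		return nil, nil, fmt.Errorf("bad base64 key: %w", err)
	}
	if len(raw) != 30 { // 128-bit master key + 112-bit master salt
		return nil, nil, fmt.Errorf("want 30 bytes of key||salt, got %d", len(raw))
	}
	return raw[:16], raw[16:], nil
}

// FormatCryptoLine builds the matching offer line.
func FormatCryptoLine(tag int, suite string, masterKey, masterSalt []byte) string {
	blob := base64.StdEncoding.EncodeToString(append(append([]byte{}, masterKey...), masterSalt...))
	return fmt.Sprintf("a=crypto:%d %s inline:%s", tag, suite, blob)
}

// Master key and salt from the RFC 3711 Appendix B.3 key derivation test.
var rfc3711MasterKey, _ = hex.DecodeString("E1F97A0D3E018BE0D64FA32C06DE4139")
var rfc3711MasterSalt, _ = hex.DecodeString("0EC675AD498AFEEBB6960B3AABE6")

// MatchesRFC3711Vectors reports whether the derivation (kdr = 0, index = 0) reproduces the Appendix B.3 session keys.
func MatchesRFC3711Vectors() bool {
	encr, auth, salt, err := DeriveSessionKeys(rfc3711MasterKey, rfc3711MasterSalt, 0, 0)
	return err == nil && hex.EncodeToString(encr) == "c61e7a93744f39ee10734afe3ff7a087" &&
		hex.EncodeToString(auth) == "cebe321f6ff7716b6fd4ab49af256a156d38baa4" &&
		hex.EncodeToString(salt) == "30cbbc08863d8c85d49db34a9ae1"
}

func main() {
	line := FormatCryptoLine(1, "AES_CM_128_HMAC_SHA1_80", rfc3711MasterKey, rfc3711MasterSalt) // constructed offer line
	mk, ms, err := ParseCryptoLine(line + "|2^20|1:4")
	if err != nil {
		panic(err)
	}
	encr, auth, salt, _ := DeriveSessionKeys(mk, ms, 0, 0)
	fmt.Printf("%s\nencr %X\nauth %X\nsalt %X\nRFC 3711 B.3: %v\n", line, encr, auth, salt, MatchesRFC3711Vectors())
}
```

The printed `a=crypto` line is exactly what an SDES offer exposes: base64-decode the `inline:` blob and you hold the master key. That is why the message's point matters in practice: "SRTP" in a UI that means SDES is only as confidential as the signaling path carrying that line, whereas a DTLS-SRTP endpoint feeds the exporter output into the same `DeriveSessionKeys` step without the key ever being written into SDP.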
  


