Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Address follow-up comments from RFC Editor #201

Merged
merged 1 commit into from
Jul 15, 2024
Merged

Address follow-up comments from RFC Editor #201

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 9 additions & 6 deletions draft-ietf-sframe-enc.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -428,10 +428,12 @@ def derive_key_salt(KID, base_key):
sframe_secret = HKDF-Extract("", base_key)

sframe_key_label = "SFrame 1.0 Secret key " + KID + cipher_suite
sframe_key = HKDF-Expand(sframe_secret, sframe_key_label, AEAD.Nk)
sframe_key =
HKDF-Expand(sframe_secret, sframe_key_label, AEAD.Nk)

sframe_salt_label = "SFrame 1.0 Secret salt " + KID + cipher_suite
sframe_salt = HKDF-Expand(sframe_secret, sframe_salt_label, AEAD.Nn)
sframe_salt =
HKDF-Expand(sframe_secret, sframe_salt_label, AEAD.Nn)

return sframe_key, sframe_salt
~~~
Expand Down Expand Up @@ -879,7 +881,7 @@ transport streams, the SFU may decide to reuse previously existing streams or
even pre-allocate a predefined number of streams and choose in each moment in
time which participant media will be sent through it.

This means that in the same transport-level stream (e.g., an RTP stream defined
This means that the same transport-level stream (e.g., an RTP stream defined
by either SSRC or Media Identification (MID)) may carry media from different
streams of different participants. Because each participant uses a different key
to encrypt their media, the receiver will be able to verify the sender of the
Expand Down Expand Up @@ -1024,14 +1026,14 @@ rather than to add the additional defenses necessary to safely use short tags.
# IANA Considerations

IANA has created a new registry called "SFrame Cipher Suites" ({{sframe-cipher-suites}})
under the "SFrame" group registry heading. Assignments are made
via the Specification Required policy {{!RFC8126}}.
under the "SFrame" group registry heading.

## SFrame Cipher Suites

The "SFrame Cipher Suites" registry lists identifiers for SFrame cipher suites as defined in
{{cipher-suites}}. The cipher suite field is two bytes wide, so the valid cipher
suites are in the range 0x0000 to 0xFFFF.
suites are in the range 0x0000 to 0xFFFF. Except as noted below, assignments are made
via the Specification Required policy {{!RFC8126}}.

The registration template is as follows:

Expand All @@ -1048,6 +1050,7 @@ The registration template is as follows:
* Reference: The document where this cipher suite is defined

* Change Controller: Who is authorized to update the row in the registry

Initial contents:


Expand Down
Loading