Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism

Securing the RTP framework: why RTP does not mandate a single media security solution

This memo discusses the problem of securing real-time multimedia sessions, and explains why the Real-time Transport Protocol (RTP), and the associated RTP control protocol (RTCP), do not mandate a single media security mechanism. Guidelines for designers and reviewers of future RTP extensions are provided, to ensure that appropriate security mechanisms are mandated, and that any such mechanisms are specified in a manner that conforms with the RTP architecture

Sending multiple RTP streams in a single RTP session

This memo expands and clarifies the behavior of Real-time Transport Protocol (RTP) endpoints that use multiple synchronization sources (SSRCs). This occurs, for example, when an endpoint sends multiple RTP streams in a single RTP session. This memo updates RFC 3550 with regard to handling multiple SSRCs per endpoint in RTP sessions, with a particular focus on RTP Control Protocol (RTCP) behavior. It also updates RFC 4585 to change and clarify the calculation of the timeout of SSRCs and the inclusion of feedback messages

Is Explicit Congestion Notification usable with UDP?

We present initial measurements to determine if ECN is usable with UDP traffic in the public Internet. This is interesting because ECN is part of current IETF proposals for congestion control of UDPbased interactive multimedia, and due to the increasing use of UDP as a substrate on which new transport protocols can be deployed. Using measurements from the author’s homes, their workplace, and cloud servers in each of the nine EC2 regions worldwide, we test reachability of 2500 servers from the public NTP server pool, using ECT(0) and not-ECT marked UDP packets. We show that an average of 98.97% of the NTP servers that are reachable using not-ECT marked packets are also reachable using ECT(0) marked UDP packets, and that ~98% of network hops pass ECT(0) marked packets without clearing the ECT bits. We compare reachability of the same hosts using ECN with TCP, finding that 82.0% of those reachable with TCP can successfully negotiate and use ECN. Our findings suggest that ECN is broadly usable with UDP traffic, and that support for use of ECN with TCP has increased

On the usefulness of finding charts Or the runaway carbon stars of the Blanco & McCarthy field 37

We have been recently faced with the problem of cross--identifying stars recorded in historical catalogues with those extracted from recent fully digitized surveys (such as DENIS and 2MASS). Positions mentioned in the old catalogues are frequently of poor precision, but are generally accompanied by finding charts where the interesting objects are flagged. Those finding charts are sometimes our only link with the accumulated knowledge of past literature. While checking the identification of some of these objects in several catalogues, we had the surprise to discover a number of discrepancies in recent works.The main reason for these discrepancies was generally the blind application of the smallest difference in position as the criterion to identify sources from one historical catalogue to those in more recent surveys. In this paper we give examples of such misidentifications, and show how we were able to find and correct them.We present modern procedures to discover and solve cross--identification problems, such as loading digitized images of the sky through the Aladin service at CDS, and overlaying entries from historical catalogues and modern surveys. We conclude that the use of good finding charts still remains the ultimate (though time--consuming) tool to ascertain cross--identifications in difficult cases.Comment: 4 pages, 1 figure, accepted by A&

Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism