Comments (5)
I'm not aware of any plans to support RFC 4771. There is support for EKT, which appears to solve the same problem (late receivers joining a stream). While I haven't read through 4711 in detail, it appears to relay on truncating the auth tag, which reduces the security level of the session. This is will be a problem for some SRTP use cases (e.g. FIPS compliance, Common Criteria, etc.).
You may want to take a look at http://tools.ietf.org/html/draft-mcgrew-srtp-aero-01. This is another approach to solving the same problem by eliminating the need for the ROC.
from libsrtp.
Is the EKT support enabled by default? At first glance, it seems like it is always used. Is this correct? I apologize, I'm fairly new to this library and SRTP itself. Thanks.
from libsrtp.
I don't think it's enabled by default. There's an EKT policy underneath the SRTP policy. If this is null, then EKT isn't initialized. Unfortunately there are not a lot of comments in the code on how to use EKT. The only example of using it is located in test/srtp_driver.c. Sorry I can't be more helpful, the EKT code was contributed prior to my involvement in the project.
Be aware the EKT draft was never ratified. There are rumors this draft may be resurrected in the future, which will likely result in changes to the current EKT code.
from libsrtp.
I'll take a look at the example. Thanks for the response!
from libsrtp.
Closing this issue due to lack of inactivity on the thread.
from libsrtp.
Related Issues (20)
- Build fails on macOS -Wshorten-64-to-32 HOT 2
- How to compile libsrtp2.3.0 with AES-GCM cipher group support ? HOT 1
- Cross-compile libsrtp to Windows (64-bit) is failing given that OpenSSL can't be found HOT 1
- When is safe to use srtp_remove_stream? HOT 2
- Bad link in README.md HOT 1
- Release Version 3.0.0 HOT 3
- Use consistent types through out code base HOT 1
- Review public API
- libsrtp + openssl + certificates HOT 2
- remove NO_64BIT_MATH code
- Cygwin compile broken HOT 3
- update config options for crypto backend
- ABI break in 2.6.0 HOT 2
- meson ci build failing with mbedtls on macos HOT 2
- meson ci builds failing for openssl on macos HOT 4
- Return codes when calling unprotect HOT 7
- Failure to update key after mki failure HOT 3
- consider merging the gcm encrypt and get tag functions of cipher api
- Authentication error return by srtp_unprotect for AES CM 256 HMAC SHA1 80 HOT 4
- srtp_unprotect returns success, but the entire payload except for the header turns into 0xFF. HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libsrtp.