progress of draft H.460.mb "Message Broadcast for H.323 Systems" and related security issues: call for contributions

Euchner, Martin martin.euchner at siemens.com
Thu Mar 2 08:28:56 EST 2006 

Dear all,

Q.2/16 has scheduled Draft ITU-T Recommendation H.460.mb "Message
Broadcast for H.323 Systems" for possible consent at the forthcoming
SG16 meeting in April.
The latest draft of H.460.mb is available at:
http://ftp3.itu.ch/av-arch/avc-site/2005-2008/0511_Gen/AVD-2813a.zip


Unfortunately, Q.25 did not have discussion of the potential security
issues around H.460.mb at the last joint Rapporteurs Meeting in November
2005/Geneva.

The draft text raises a few security questions as open issues within
Editor notes; there may or may not be more security issues which are not
yet identified in the text; and there are also other non-security issues
in the document that may deserve some closer view.

Together with Paul Jones (Q.2/16 Rapporteur), I would like to take this
opportunity to raise the issue at this point in time with the intention
to solicit mailing list discussion and/or call for input contributions
into the next SG16 meeting, allowing the two Questions to have a
fruitful discussion on the draft and to determine how we move forward.

Allow me to make a couple of remarks and also ask a few guiding
questions:
-	H.460.mb operates in a multicast environment where H.323-based
announcement servers broadcast to a pre-defined set of H.323
receivers/endpoints. As such, we could be interested to study how to
secure such an environment. What type of security do we need, how to
secure the involved entities?
-	To which degree can we leverage existing H.235.x Recommendations
for usage in H.460.mb?
-	Where (signaling protection, media protection) do we need to
study new (multicast) security mechanisms for this particular
application?
-	Can we re-use any existing work from other groups for this
purpose?
-	Should security for H.460.mb be addressed at this point in time,
or can we add-in whatever security measures are necessary at a
later/future point in time?
-	If we have to do something at least on security, what should it
be about? What is the most pressing requirement from the market point of
view?
-	Which security infrastructure is adequate for such a multicast
scenario? Shared keys, PKI; key management, statically configured,
dynamic negotiable?
-	...

Looking forward to your interest, feedback, views, contributions...

With kind regards

Martin Euchner.
---------------------------------------------------------------------
| Dipl.-Inf.                     Rapporteur Q.25/16
| Martin Euchner                 Phone: +49 89 722 55790
| Siemens AG.....................Fax  : +49 89 722 62366
| COM GCM PS 3                    mailto:Martin.Euchner at siemens.com
|                                mailto:martin.euchner at ties.itu.int
| Hofmannstr. 51                 Intranet:
http://ietf.icn.siemens.de/sr3/Standardisation_Topics/security/
| D-81359 Muenchen               Internet: http://www.siemens.de/
| __________________
| Germany     
---------------------------------------------------------------------


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.packetizer.com/pipermail/sg16-avd/attachments/20060302/c75faab8/attachment-0003.html>

More information about the sg16-avd mailing list