For those wondering what's happening in the VoIP and videoconferencing world lately, there are really three major activities. One is WebRTC, which has plenty of folks out talking about it, so I'll leave that alone. The other is the new video codec work that is happening in both the IETF NetVC working group and the Alliance for Alliance for Open Media. The third is a focus on end-to-end security of media flows, which is happening in the IETF PERC working group. I've been spending time in the latter, primarily, but dabbling a little in the others.
As you are likely well aware, SRTP provides the means through which one can encrypt media flows. DTLS-SRTP defines a way to negotiate media keys directly with a remote endpoint, which is great for facilitating end-to-end security between two users. However, end-to-end encryption in group conferencing is still a wide-open target that needs to be addressed. That's where PERC comes in.
The work is well underway with a number of drafts already published, most of which are adopted by the PERC working group. Those are:
- A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing
- SRTP Double Encryption Procedures
I know that end-to-end security and conferencing are both of interest to many who visit Packetizer, so I thought you might be interested to know about this work, just in case you were not already.