Perry E. Metzger wrote:
2) I strongly hope that Netscape tries to move the product towards standards based mechanisms like the IETF's RTP protocol, which are in widespread use,
Unfortunately RTP is not a crypto protocol, and does not have a standardized encrypted form. Therefore any encrypted protocol is necessarily proprietary and non standard, unless Phill Zimmerman has published a standard. If Netscape creates a standard for encrypting RTP, and publishes it, that will be a move towards a standard, not a move away from a standard. One mechanism for encrypting RTP would be to construct a shared secret key by DH exchange, or Rabin if one wished to dodge patents, construct a cryptographically strong pseudo random data stream from the key, using Ron's code, and for each RTP packet, encrypt using a block from that data stream as the packet key. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd@echeque.com