[Live-devel] RTSPServer authentication is secure?
Warren Young
wyml at etr-usa.com
Thu Jun 16 14:37:29 PDT 2016
On Jun 16, 2016, at 2:37 PM, Ross Finlayson <finlayson at live555.com> wrote:
>
>> interesting, this makes the access to the stream secure but what about after the authentication? If I succesfully initiate an RTSP stream I have a flow of packets comming to my client. Are these packets encypted or protected in some way from bad guys "sniffing" my network?
>
> No. There’s no encryption defined in the RTSP 1.0 protocol.
He could run RTSP over TLS, sometimes called RTSPS. He wouldn’t need to modify Live555 at all: just proxy it through stunnel. Or, with RTSP over HTTP, you could use any HTTPS reverse proxy (e.g. Apache, nginx…) to secure the stream negotiation.
As for the returned media, SRTP looks like a suitable existing design:
https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol
Would adding support for that be any more difficult than adding support for an A/V codec? I’m not proposing work for you Ross, I’m asking if Live555 already has the designed-in flexibility to allow the OP to write this code without modifying any existing library code. Does RTP occupy a special position in the Live555 stack, such that replacing it would be difficult?
More information about the live-devel
mailing list