rfc3711.txt - OpenGrok cross reference for /external/srtp/doc/rfc3711.txt

Lines Matching refs:MUST
150    The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
333    methods, and MUST then specify the amount, format, and processing of
440       active MKI (the value of the MKI indicator and length MUST be kept
443    *  the master key(s), which MUST be random and kept secret,
466       This value, when used, MUST be random, but MAY be public.  Use of
500    the key derivation) are used but the session key(s) MUST NOT be so
517    counters for each stream (SSRC) MUST still be maintained.  Also,
518    separate SRTP indices MUST then be maintained.
530    Future SRTP transform specifications MUST include a section to list
576    certain context identifier, that packet MUST be discarded.
654       judged to be replayed, then the packet MUST be discarded, and the
661       FAILURE" (see Section 4.2), the packet MUST be discarded from
696    When the session starts, the sender side MUST set the rollover
698    modulo 2^16, the sender side MUST increment ROC by one, modulo 2^32
712    and s_l values.  At the setup of the session, the ROC MUST be set to
713    zero.  Receivers joining an on-going session MUST be given the
736    for SRTP packets for the session), the receiver MUST use v to
744    counter always maintains its sequence of values, i.e., it MUST NOT be
751    with a given (master or session) key, the sender MUST NOT send any
756    changed.  Re-keying (see Section 8.1) MUST be triggered, before this
812    dependent parameter and MUST be at least 64, but which MAY be set to
833    packet definition.  The three mandatory fields MUST be appended to an
848    format for compound packets.  SRTCP MUST be given packets according
849    to that requirement in the sense that the first part MUST be a sender
851    random 32-bit quantity) specified in that Section MUST NOT be used
925             index MUST be set to zero before the first SRTCP packet is
926             sent, and MUST be incremented by one, modulo 2^31, after
928             the SRTCP index MUST NOT be reset to zero again.
984       and for security reasons the sender MUST also check the number of
993    measures MUST be taken:
996       chapter 6.3 of [RFC3550], it MUST include the size of the fields
1001       (section 6.3.3 of [RFC3550]), the value of "packet_size" MUST
1098    keystream prefix MUST NOT be used for encryption.  The process is
1156    packet MUST be used, i SHALL be the 31-bit SRTCP index and k_e, k_s
1162    for any fixed value of IV MUST NOT exceed 2^16 to avoid keystream
1172    MUST be distinct, in order to avoid the security exposure of a two-
1174    implementation MUST ensure that the combination of the SRTP packet
1379    The values of n_a, n_tag, and SRTP_PREFIX_LENGTH MUST be fixed for
1389    FAILURE" MUST be returned.
1414    implementations MUST use the SRTP key derivation to generate session
1439    session keys.  The value of "key_derivation_rate" MUST be kept fixed
1451    m = 128 (or more) MUST be used, and a default PRF transform is
1481    <label> MUST be unique for each type of key to be derived.  We
1502    The master key and master salt MUST be random, but the master salt
1591    MUST NOT be applied with a value of n_tag, nor n_a, that are smaller
1607    SRTP, a companion standard track RFC MUST be written to exactly
1842    streams authenticated under the same key MUST have a distinct SSRC in
1859    SRTP/SRTCP MUST NOT share master keys under any other circumstances
1914    key is shared between streams, one of these streams MUST be
1924    (Section 9.2) MUST NOT be exceeded.
2028    MUST only be used to encrypt once.  Re-using such keystream (jokingly
2043    inclusion of the SSRC in the IV.  A master key MUST NOT be shared
2046    Thus, the SSRC MUST be unique between all the RTP streams within the
2096    of the salting key.  Note that the salting key MUST be random but MAY
2111    MUST keep packet counts.  However, when the session keys for related
2116    with the same key (whichever occurs before), the key management MUST
2118    keys MUST NOT be used again), or the session MUST be terminated.  If
2143    are on a per stream (i.e., per SSRC) basis, the sender MUST base re-
2151    distinct packets MUST either be processed with distinct IVs, or with
2229    provide message authentication.  SRTCP MUST NOT be used with weak (or
2248    both conditions MUST hold in order for weak or null authentication to
2259    authentication tag MUST ensure that only a negligible fraction of the
2281    Weak or null authentication MUST NOT be used when the RTP application
2288    Null authentication MUST NOT be used when a replay attack, in which
2309    authentication MUST NOT be used.
2368    used together with CBC mode.  Later transform additions to SRTP MUST
2483    reaches its maximum number of packets, re-keying MUST be triggered on
2503    SRTP default transforms, the master key MUST be replaced before any