On Jun 16, 2016, at 2:37 PM, Ross Finlayson <finlay...@live555.com> wrote:
> 
>> interesting, this makes the access to the stream secure but what about after 
>> the authentication? If I succesfully initiate an RTSP stream I have a flow 
>> of packets comming to my client. Are these packets encypted or protected in 
>> some way from bad guys "sniffing" my network?
> 
> No.  There’s no encryption defined in the RTSP 1.0 protocol.

He could run RTSP over TLS, sometimes called RTSPS.  He wouldn’t need to modify 
Live555 at all: just proxy it through stunnel.  Or, with RTSP over HTTP, you 
could use any HTTPS reverse proxy (e.g. Apache, nginx…) to secure the stream 
negotiation.

As for the returned media, SRTP looks like a suitable existing design:

  https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol

Would adding support for that be any more difficult than adding support for an 
A/V codec?  I’m not proposing work for you Ross, I’m asking if Live555 already 
has the designed-in flexibility to allow the OP to write this code without 
modifying any existing library code.  Does RTP occupy a special position in the 
Live555 stack, such that replacing it would be difficult?
_______________________________________________
live-devel mailing list
live-devel@lists.live555.com
http://lists.live555.com/mailman/listinfo/live-devel

Reply via email to