Technical Summary:
Although the Session Initiation Protocol (SIP) includes a suite of
security services that has been expanded by numerous
specifications over the years, there is no single place that
explains how to use SIP to establish confidential media sessions.
Additionally, existing mechanisms have some feature gaps that need
to be identified and resolved in order for them to address the
pervasive monitoring threat model. This specification describes
best practices for negotiating confidential media with SIP,
including both comprehensive protection solutions which bind the
media to SIP-layer identities as well as opportunistic security
solutions.
Working Group Summary:
There is consensus in the WG around this document.
Document Quality:
While parts of the specification have been implemented, we are not
aware of any implementation that implements all of it. In fact,
the goal with publishing this RFC is to get more implementations
out there.
Personnel:
Gonzalo Camarillo is the Document Shepherd. Ben Campbell is the
responsible AD.