Recap from SRTP extension discussion:
* Extensions may be E2E or HBH authenticated
* MDD MUST NOT remove E2E-authenticated extensions
* Extensions may be either E2E or HBH confidentiality protected
  * Might need to correlate to RTCP (see below)

RTCP discussion:
* Terminology:
  * packet -> compound RTCP packet
  * unit -> individual packet within a compound packet

* General agreement that anything we do should be on a whole-packet basis
* Endpoints can still switch between HBH and E2E keys
  * No work to do at the transport layer here
  * Just signal different keys using MKI and E bit
* There might be some subtle considerations around when to use which context
  * Might need to negotiate what goes in HBH vs. E2E contexts
  * How to deal with conflicts between HBH and E2E streams
* Magnus might want E2E auth, HBH auth+confidentiality
  * If so, we can do something similar to -double for RTCP
  * ... using an auth-only transform as the inner/E2E transform