Proceedings of the IEEE ICNP Workshop on Secure Network Protocols, Raleigh, NC, USA, October 2014.
The Real-time Transport Protocol (RTP) supports a range of video conferencing, telephony, and streaming video applications, but offers few native security features. We discuss the problem of securing RTP, considering the range of applications. We outline why this makes RTP a difficult protocol to secure, and describe the approach we have recently proposed in the IETF to provide security for RTP applications. This approach treats RTP as a framework with a set of extensible security building blocks, and prescribes mandatory-to-implement security at the level of different application classes, rather than at the level of the media transport protocol.