RTP is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity and source authentication of RTP/RTCP packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP, and gives guidance for developers on how to choose the appropriate security mechanism. This draft forms a companion to draft-ietf-avt-srtp-not-mandatory.

Opinions expressed are my own, and do not represent those of my employers or the organisations that fund my research.