Best Practices for Securing RTP Media Signaled with SIP

The information below is for an old version of the document
Document Type Expired Internet-Draft (sipbrandy WG)
Authors Jon Peterson  , Eric Rescorla  , Richard Barnes  , Russ Housley 
Last updated 2017-09-14 (latest revision 2017-03-13)
Replaces draft-peterson-sipbrandy-rtpsec
Stream Internet Engineering Task Force (IETF)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Additional Resources
- Mailing list discussion
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Although the Session Initiation Protocol (SIP) includes a suite of security services that has been expanded by numerous specifications over the years, there is no single place that explains how to use SIP to establish confidential media sessions. Additionally, existing mechanisms have some feature gaps that need to be identified and resolved in order for them to address the pervasive monitoring threat model. This specification describes best practices for negotiating confidential media with SIP, including both comprehensive protection solutions which bind the media to SIP-layer identities as well as opportunistic security solutions.


Jon Peterson (
Eric Rescorla (
Richard Barnes (
Russ Housley (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)