ABSTRACT

This chapter describes Request for Comments (RFCs) 4567, 4568, 4572, 5027, and 6193 that deal with security capability negotiations using Session Description Protocol (SDP). The multimedia conferencing requires a host of security capabilities related to session, media, and transport level, which need to be negotiated between the conferencing parties. In this chapter, we describe how SDP can be used to negotiate all of those security attributes using call control protocols like Session Initiation Protocol (SIP) and others. RFC 4567 defines general extensions for SDP and Real-Time Streaming Protocol (RTSP) to carry messages, as specified by a key management protocol, in order to secure the media. These extensions are presented as a framework to be used by one or more key management protocols. As such, their use is meaningful only when complemented by an appropriate key management protocol. General guidelines are also given on how the framework should be used with SIP and RTSP. The usage with the Multimedia Internet KEYing key management protocol is also defined.