Framework for Establishing a Secure Real-time Transport Protocol Security Context Using Datagram Transport Layer Security
RFC 5763, “Framework for Establishing a Secure Real-time Transport Protocol Security Context Using Datagram Transport Layer Security”, is a Proposed Standard document published in May 2010 by J. Fischl, H. Tschofenig, E. Rescorla. It has since been updated by RFC 8842. The canonical text is published by the RFC Editor.
Abstract
This document specifies how to use the Session Initiation Protocol (SIP) to establish a Secure Real-time Transport Protocol (SRTP) security context using the Datagram Transport Layer Security (DTLS) protocol. It describes a mechanism of transporting a fingerprint attribute in the Session Description Protocol (SDP) that identifies the key that will be presented during the DTLS handshake. The key exchange travels along the media path as opposed to the signaling path. The SIP Identity mechanism can be used to protect the integrity of the fingerprint attribute from modification by intermediate proxies. [STANDARDS-TRACK]
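The check the abstract describes is simple to state and easy to get subtly wrong: the SDP carries `a=fingerprint:<hash-func> <hex bytes>` (the attribute defined in RFC 4572), and the DTLS peer must hash the DER-encoded certificate it actually receives in the handshake and compare it, in constant time, against that value. Below is an added example of that verification step; it is not code from RFC 5763 or from this page. The certificate bytes and the SDP body are constructed stand-ins (the real input is the DER certificate from the DTLS handshake), and the acceptance policy (reject any mismatch for a hash function we support, ignore fingerprints whose hash function we do not know, require at least one usable match, never accept md5) is this example's own assumption rather than text from the RFC.

```python
import hashlib
import hmac
import re

# Hash-function names RFC 4572 permits in a=fingerprint, mapped to hashlib names.
# md5 is deliberately absent: a fingerprint over a broken hash proves nothing.
FINGERPRINT_HASHES = {
    "sha-1": "sha1",
    "sha-224": "sha224",
    "sha-256": "sha256",
    "sha-384": "sha384",
    "sha-512": "sha512",
}

# a=fingerprint:<hash-func> <XX:XX:...:XX>
FINGERPRINT_RE = re.compile(
    r"^a=fingerprint:([A-Za-z0-9-]+)\s+([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2})*)$"
)


def parse_fingerprint_attributes(sdp):
    """Return [(hash_func, digest_bytes), ...] for every a=fingerprint line in an SDP body."""
    found = []
    for raw in sdp.splitlines():
        m = FINGERPRINT_RE.match(raw.strip())
        if not m:
            continue
        hash_func = m.group(1).lower()
        digest = bytes.fromhex(m.group(2).replace(":", ""))
        found.append((hash_func, digest))
    return found


def certificate_fingerprint(cert_der, hash_func="sha-256"):
    """Build the a=fingerprint line an endpoint advertises for its own DTLS certificate."""
    digest = hashlib.new(FINGERPRINT_HASHES[hash_func], cert_der).digest()
    return "a=fingerprint:%s %s" % (hash_func, ":".join("%02X" % b for b in digest))


def verify_dtls_certificate(sdp, presented_cert_der):
    """Compare the certificate presented in the DTLS handshake with the SDP fingerprint(s).

    Policy (this example's assumption): any mismatch on a supported hash rejects,
    fingerprints using an unknown hash are ignored, and at least one supported
    fingerprint must match. No fingerprint at all means the media path cannot be
    bound to the signaling path, so the certificate is rejected.
    """
    matched = False
    for hash_func, expected in parse_fingerprint_attributes(sdp):
        algo = FINGERPRINT_HASHES.get(hash_func)
        if algo is None:
            continue  # cannot verify; do not count it either way
        actual = hashlib.new(algo, presented_cert_der).digest()
        # compare_digest returns False on length mismatch and does not leak timing
        if not hmac.compare_digest(actual, expected):
            return False
        matched = True
    return matched


# Constructed stand-in for a DER-encoded X.509 certificate (not a real certificate).
SAMPLE_CERT_DER = b"\x30\x82\x01\x00constructed-stand-in-for-DER-certificate"

# Constructed SDP offer carrying the fingerprint of SAMPLE_CERT_DER.
SAMPLE_SDP = "\r\n".join([
    "v=0",
    "o=- 1 1 IN IP4 192.0.2.1",
    "s=-",
    "c=IN IP4 192.0.2.1",
    "t=0 0",
    "m=audio 49170 UDP/TLS/RTP/SAVP 0",
    certificate_fingerprint(SAMPLE_CERT_DER),
    "a=setup:actpass",
]) + "\r\n"

if __name__ == "__main__":
    print(certificate_fingerprint(SAMPLE_CERT_DER))
    print("genuine certificate accepted:", verify_dtls_certificate(SAMPLE_SDP, SAMPLE_CERT_DER))
    print("tampered certificate accepted:", verify_dtls_certificate(SAMPLE_SDP, SAMPLE_CERT_DER + b"\x00"))
```

Two points the code makes that the abstract only implies: the fingerprint is over the DER certificate exactly as presented (so an attacker on the media path who substitutes a certificate fails the check even if that certificate is otherwise valid), and the check is only as good as the integrity of the SDP it came from, which is why the RFC points to SIP Identity to keep proxies from rewriting the attribute in transit.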
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 5763 is hosted at rfc-editor.org. Available in TXT, HTML.
- RFC 5762 RTP and the Datagram Congestion Control Protocol
- RFC 5764 Datagram Transport Layer Security Extension to Establish Keys for the Secure Real-time Transport Protocol
- RFC 5761 Multiplexing RTP Data and Control Packets on a Single Port
- RFC 5765 Security Issues and Solutions in Peer-to-Peer Systems for Realtime Communications
- RFC 5760 RTP Control Protocol Extensions for Single-Source Multicast Sessions with Unicast Feedback
- RFC 5766 Traversal Using Relays around NAT (TURN): Relay Extensions to Session Traversal Utilities for NAT (STUN)
- RFC 5759 Suite B Certificate and Certificate Revocation List Profile
- RFC 5767 User-Agent-Driven Privacy Mechanism for SIP