This document describes a Microsoft extension protocol, Session Description Protocol (SDP) Extensions. The base protocol, which is the Session Description Protocol (SDP), is specified in [RFC4566]. This document describes the session description that is used to negotiate instant messaging, audio/video, and data collaboration sessions, and notes the extensions used. This document also describes how encryption for audio/video and data collaboration sessions is negotiated.
Of paramount importance is the protection of data against security threats related to the privacy of RTC media communications between clients. Microsoft has extended the Session Description Protocol to meet this challenge by providing encryption of data collaboration (DC) and audio/visual (A/V).<1>
This encryption functionality is only for the Session Initiation Protocol (SIP) service provider, as specified in [RFC3261], and does not extend to other kinds of traffic. Microsoft strongly recommends that these extensions be used with Transport Layer Security (TLS) to protect the encryption key when it is passed in SIP/SDP signaling.
Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in RFC 2119. Sections 1.5 and 1.9 are also normative but cannot contain those terms. All other sections and examples in this specification are informative.