Colin said:
I'm confused about your objection, since this draft states that we need to do
exactly as you propose.
[BA] I agree with Colin. The document is consistent with the Danvers Doctrine
and more recently expressed sentiments.
From Section 6:
Given the variability of the classes of application that use
RTP, and the variety of the currently available security mechanisms
described in [I-D.ietf-avtcore-rtp-security-options], no one set of
MTI security options can realistically be specified that apply to all
classes of RTP applications.
Documents that define an interoperable class of applications using
RTP are subject to [RFC3365], and so need to specify MTI security
mechanisms. This is because such specifications do fully specify
interoperable applications that use RTP. Examples of such documents
under development in the IETF at the time of this writing are the
RTCWEB Security Architecture [I-D.ietf-rtcweb-security-arch] and the
Real Time Streaming Protocol 2.0 (RTSP) [I-D.ietf-mmusic-rfc2326bis].
It is also expected that a similar document will be produced for
voice-over-IP applications using SIP and RTP.