Vincent and Ray,


>>
>> A reference to SRTP is missing. Please add.> 
> 
> Thanks. Will do.

I think referencing SRTP here is to narrow. I think the appropriate
thing to point out is the need for source authentication and message
integrity and then point to the need for a security solution that
provide this. SRTP is a transport security solution, without
key-management. So pointing at this to resolve this issue is
insufficient and also not deployable. I think a better reference now
that it exist and is getting closer to publication might be:



https://datatracker.ietf.org/doc/draft-ietf-avtcore-rtp-security-options/



Cheers

Magnus Westerlund

----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund at ericsson.com
----------------------------------------------------------------------