As written, -03.txt defines the proto
token "TCP/RTP/AVP", so that session descriptions
can specify RTP/AVP streams over TCP.
However, -03.txt does not define a proto
token to support RTP/AVP over TLS ("TCP/TLS/RTP/AVP")
nor does it define a proto token to support SRTP
over TCP ("TCP/RTP/SAVP").
I think there are a few options:
[1] No IETF standards-track protocol defines either
"TCP/TLS/RTP/AVP" or "TCP/RTP/SAVP".
[2] A new MMUSIC I-D defines "TCP/TLS/RTP/AVP" or
"TCP/RTP/SAVP". This is preferable to reintroducing
it into contrans, because it may take many iterations
to get the security details right, whereas contrans is
ready to go whenever comedia is.
[3] "TCP/TLS/RTP/AVP" becomes part
of an existing security-oriented MMUSIC I-D.
I feel uneasy about [1], because it encourages
implementors to not add security to apps that should
use it, or to invent their own proto token out of thin air.
Both seem bad.
But, I don't presently have the skill set to do
a credible job on a security-oriented I-D, and there's
probably other things I should be doing this year other
than learning security lore (like, finishing RTP MIDI,
and helping teach Cal undergrads computer architecture :-).
So, I won't be able to jump in and do [2] myself in the
next year or so.
Hopefully, there's someone else here who wants
[2] or [3] to happen who can help. Thanks in advance.