1. Introduction

1. Introduction

The Real-Time Communication in WEB-browsers (RTCWeb) working group was charged with standardizing protocols for real-time communications between Web browsers, generally called "WebRTC" [RFC8825]. A major use case for WebRTC is direct video and audio communication between two browsers. This communications mode offers a number of security benefits (e.g., end-to-end authentication and encryption) but also introduces new dangers (e.g., using the browser to attack services located behind a firewall).

This document defines the security architecture for WebRTC. It defines the security requirements for the protocol suite and describes how those requirements are met. It relies on the threat model defined in [RFC8826].