Common use of Security Downgrade Clause in Contracts

Security Downgrade. A secure TIP session could be downgraded to a non-secure session. This is typically a scenario involving a multi-point session where a non-secure device joins the secure conference, turning it non-secure, assuming the session has not been configured to be a secure-only conference. Two mechanisms can be used to turn a TIP session into a non-secure session:

1. The first mechanism involves putting the SIP session on hold and immediately resuming it as a non-secure SIP session. The downgrading device does not start any DTLS sessions but rather starts its TIP sessions following call setup, causing the remote device's DTLS sessions to be aborted and non-secure TIP sessions to be established.
2. The second mechanism involves continuing to use SRTP and SRTCP on the secure TIP session. However, a TIP Notification message indicating the change in the security state of the session is sent by the downgrading device, causing the remote device to treat the TIP session as non-secure in all aspects except its media transport (see 5.3 for more details on TIP security state notification).

Appears in 2 contracts

Sources: Implementation License, Evaluation License