3.1.5.2.11 Link Encryption Mode

Link encryption mode is a generic content encryption mode for any content that is not explicitly described in this document. Link encryption mode is defined as a mode of operation which is independent of the content type and specific to the data transport protocol (for example, HTTP or RTP).

The link encryption mode makes use of the data segment descriptor (section 3.1.5.2.3), which is attached to an encrypted or unencrypted data segment during data transfer. The data segment descriptor contains flags and extensions that notify the receiver when the media data is encrypted. The data segment descriptor contains ID values that are needed to decrypt the encrypted media data. A data segment descriptor is associated with a portion of the transmitted content to which, if encrypted, a single policy (1) and content encryption key applies. In other words, the content encryption key and policies cannot be changed within a data segment.

The data segment descriptor can be associated with content that is encrypted or unencrypted. The encrypted data flag in the descriptor indicates whether the content is encrypted.