Security Changes for RTC Client API version 1.3

RTC Client API version 1.3 contains some security-related changes.

Additional client security options for RTC Client

The RTC client can be initialized so that 1) it discards unauthenticated watchers and does not subscribe to any roaming sessions and/or 2) it drops any unauthenticated INVITE, MESSAGE, and OPTION requests.

The IRTCClient2::InitializeEx method can take two additional RTCIF_ Constants for discarding unauthenticated requests (RTCIF_DISABLE_UNAUTH_WATCHERS_AND_ROAMING and RTCIF_DISABLE_UNAUTH_SESSIONS).

Check server certificate against certification authority's certificate revocation list

RTC Client API version 1.3 connects to the certification authority and checks that the server's certificate has not been revoked. If the certificate is revoked, the client does not connect to the server. For more information, see the Microsoft® Office Live Communications Server 2005 Reference Guide.