§13.2.

Communication Security

MOQT depends on a secure transport to provide confidentiality, integrity and endpoint authentication between subscriber and publisher. Implementations use QUIC or WebTransport to fulfill the basic communication security requirements and these implementations SHOULD follow best practices for TLS 1.3 and QUIC. Relays MUST use authentication to prevent impersonation.

Note that the basic security protection offered by QUIC or TCP/TLS does not prevent traffic pattern analysis. Object sizes, sizes of request messages, etc can make it possible for a third party observer to identify media content, user patterns and media stream origin.

This is one section of the MoQT specification, rendered per-section for quick reference and citation. The authoritative text is draft-ietf-moq-transport-19 at the IETF.