moq-wg · suhasHere · Feb 9, 2026 · Feb 13, 2026 · Feb 13, 2026 · Feb 13, 2026
diff --git a/draft-ietf-moq-msf.md b/draft-ietf-moq-msf.md
@@ -32,6 +32,7 @@ author:
 normative:
   MoQTransport: I-D.draft-ietf-moq-transport-11
   LOC: I-D.draft-mzanaty-moq-loc-05
+  SecureObjects: I-D.draft-jennings-moq-secure-objects
   BASE64: RFC4648
   JSON: RFC8259
   LANG: RFC5646
@@ -53,7 +54,7 @@ normative:
     target: https://www.w3.org/TR/ttml-imsc1/
 
 informative:
-
+  E2EE-MLS: I-D.draft-jennings-moq-e2ee-mls
 
 --- abstract
 
@@ -156,7 +157,60 @@ cleanly switch between time-aligned media tracks at group boundaries.
 
 ## Content protection and encryption {#contentprotection}
 
-ToDo - content protection for LOC-packaged content.
+MSF supports end-to-end encryption of media content using MoQ Secure Objects
+{{SecureObjects}}. When encryption is enabled, the payload of LOC-packaged
+media objects is encrypted and authenticated, while relays can still route
+content based on unencrypted header information.
+
+### Encryption scheme signaling
+
+The encryption scheme and parameters are signaled in the catalog using the
+following track-level fields:
+
+* encryptionScheme {{encryptionscheme}} - identifies the encryption mechanism
+* cipherSuite {{ciphersuite}} - specifies the AEAD algorithm
+* keyId {{keyid}} - identifies the key material for decryption
+* trackBaseKey {{trackbasekey}} - the base key material for this track
+
+When the encryptionScheme field is present in a track definition, subscribers
+MUST decrypt the object payload using the specified scheme before processing.
+
+### Key management
+
+The keyId and trackBaseKey values are obtained from an external key management
+system and the mechanism for obtaining these values is out of scope for this
+specification. Examples of key management systems include MLS-based key
+distribution {{E2EE-MLS}} or other out-of-band key exchange mechanisms.
+
+Depending on the key management mechanism in use, a keyId MAY be scoped to:
+
+* A single track
+* A single MoQ Session
+* Multiple tracks across one or more MoQ sessions
+
+Publishers and subscribers MUST use the same key management system and agree
+on the keyId scope semantics for interoperable operation.
+
+### Recommended encryption scheme
+
+The RECOMMENDED encryption scheme for MSF is "moq-secure-objects".
+Implementations supporting content encryption MUST implement the
+"moq-secure-objects" scheme as defined in {{SecureObjects}}.
+
+When using the "moq-secure-objects" scheme:
+
+* The cipherSuite field MUST be present and set to a supported cipher suite value
+* The keyId field MUST be present to identify the key material
+* The trackBaseKey field MUST be present to provide the base key material
+
+### Encrypted object structure
+
+For LOC-packaged tracks with encryption enabled (see {{SecureObjects, Section 4}}):
+
+* The immutable header extensions (including Group ID and Object ID) remain
+  in plaintext and are authenticated
+* The object payload is encrypted and authenticated using the specified cipher
+* Private header extensions (type 0xA) are encrypted alongside the payload
 
 # Catalog {#catalog}
 A Catalog is an MOQT Track that provides information about the other tracks being
@@ -227,6 +281,10 @@ Table 1 provides an overview of all fields defined by this document.
 | Language                | lang                   | {{language}}              |
 | Parent name             | parentName             | {{parentname}}            |
 | Track duration          | trackDuration          | {{trackduration}}         |
+| Encryption scheme       | encryptionScheme       | {{encryptionscheme}}      |
+| Cipher suite            | cipherSuite            | {{ciphersuite}}           |
+| Key ID                  | keyId                  | {{keyid}}                 |
+| Track Base Key          | trackBaseKey           | {{trackbasekey}}          |
 
 Table 2 defines the allowed locations for these fields within the document
 
@@ -516,6 +574,73 @@ Location: T    Required: Optional   JSON Type: Number
 The duration of the track expressed in integer milliseconds. This field MUST NOT
 be included if the isLive {{islive}} field value is true.
 
+### Encryption scheme {#encryptionscheme}
+Location: T    Required: Optional   JSON Type: String
+
+A string identifying the encryption scheme used to protect the track content.
+The default and RECOMMENDED value is "moq-secure-objects" as defined in
+{{SecureObjects}}. If this field is absent, the track content is unencrypted.
+
+Table 5: Registered encryption schemes
+
+| Name                |   Value              |      Reference                    |
+|:====================|:=====================|:==================================|
+| MoQ Secure Objects  | moq-secure-objects   | {{SecureObjects}}                 |
+
+Custom encryption schemes MAY be used. Custom scheme names SHOULD use Reverse
+Domain Name Notation to avoid collisions (e.g., "com.example.custom-encryption").
+
+### Cipher suite {#ciphersuite}
+Location: T    Required: Optional   JSON Type: String
+
+A string identifying the AEAD cipher suite used for encryption. This field
+MUST be present when encryptionScheme is specified. For the "moq-secure-objects"
+scheme, the following cipher suites are defined:
+
+Table 6: Cipher suites for moq-secure-objects
+
+| Name                       |   Value                      | Tag Size |
+|:===========================|:=============================|:=========|
+| AES-128-GCM-SHA256         | aes-128-gcm-sha256           | 128 bits |
+| AES-256-GCM-SHA512         | aes-256-gcm-sha512           | 128 bits |
+| AES-128-CTR-HMAC-SHA256-80 | aes-128-ctr-hmac-sha256-80   | 80 bits  |
+
+Implementations MUST support "aes-128-gcm-sha256". Implementations SHOULD
+support "aes-128-ctr-hmac-sha256-80" for scenarios requiring smaller
+authentication tags.
+
+### Key ID {#keyid}
+Location: T    Required: Optional   JSON Type: String
+
+A string identifying the key material used for encryption. This value is
+transmitted in the Secure Object KID extension header as defined in
+({{SecureObjects, Section 4.2}}) of each encrypted object.
+
+The keyId and associated trackBaseKey are obtained from an external key
+management system. The mechanism for obtaining these values is out of scope
+for this specification. Examples include MLS-based key distribution
+{{E2EE-MLS}} or other out-of-band key exchange mechanisms.
+
+The scope of a keyId is determined by the key management system in use. A
+keyId MAY be scoped to a single track, a single MSF session, or multiple
+tracks and sessions. When multiple tracks share the same Key ID, they MAY
+share the same base key material, though per-track keys are derived using
+the track name as defined in ({{SecureObjects, Section 5}}).
+
+### Track Base Key {#trackbasekey}
+Location: T    Required: Optional   JSON Type: String
+
+A base64-encoded {{BASE64}} string containing the base key material for this
+track, as defined in ({{SecureObjects, Section 5}}). This field works in
+conjunction with keyId to provide the cryptographic material needed for
+decryption. The trackBaseKey is obtained from the same key management system
+that provides the keyId.
+
+When present, this field contains the raw key material that, together with
+the track name and other parameters defined in ({{SecureObjects, Section 5}}),
+is used to derive the actual encryption keys. Publishers and subscribers MUST
+use matching trackBaseKey values for successful decryption.
+
 ## Delta updates {#deltaupdates}
 A catalog update might contain incremental changes. This is a useful property if
 many tracks may be initially declared but then there are small changes to a
@@ -916,6 +1041,55 @@ and video tracks.
 
 ~~~
 
+### Encrypted Audio/Video Tracks
+
+This example shows a catalog for encrypted LOC-packaged audio and video
+tracks using MoQ Secure Objects with AES-128-GCM.
+
+~~~json
+{
+  "version": 1,
+  "generatedAt": 1746104606044,
+  "tracks": [
+    {
+      "name": "1080p-video",
+      "namespace": "conference.example.com/conference123/alice",
+      "packaging": "loc",
+      "isLive": true,
+      "targetLatency": 2000,
+      "role": "video",
+      "renderGroup": 1,
+      "codec": "av01.0.08M.10.0.110.09",
+      "width": 1920,
+      "height": 1080,
+      "framerate": 30,
+      "bitrate": 1500000,
+      "encryptionScheme": "moq-secure-objects",
+      "cipherSuite": "aes-128-gcm-sha256",
+      "keyId": "key-2024-q1-premium",
+      "trackBaseKey": "dGhpc2lzYXNhbXBsZWJhc2VrZXk="
+    },
+    {
+      "name": "audio",
+      "namespace": "conference.example.com/conference123/alice",
+      "packaging": "loc",
+      "isLive": true,
+      "targetLatency": 2000,
+      "role": "audio",
+      "renderGroup": 1,
+      "codec": "opus",
+      "samplerate": 48000,
+      "channelConfig": "2",
+      "bitrate": 32000,
+      "encryptionScheme": "moq-secure-objects",
+      "cipherSuite": "aes-128-gcm-sha256",
+      "keyId": "key-2024-q1-premium",
+      "trackBaseKey": "dGhpc2lzYXNhbXBsZWJhc2VrZXk="
+    }
+  ]
+}
+~~~
+
 ### Media timeline and Event timeline
 
 This example shows a catalog for a media producer capable of sending LOC