5.1 Security Considerations for Implementers

All virtual channel traffic is secured by the underlying core Remote Desktop Protocol. An overview of the implemented security-related mechanisms is specified in [MS-RDPBCGR] section 5.

There are no security considerations for dynamic virtual channel; see [MS-RDPEDYC] section 5.

 When audio data is sent using UDP Wave PDUs and UDP Wave Last PDUs, the audio is not encrypted during transmission between the client and the server. However, verification that the audio data has been transmitted intact is possible since these PDUs are signed. Sending audio data using this UDP sequence is not recommended because the audio data is not encrypted. Instead, virtual channels are recommended.

When audio data is sent using Wave Encrypt PDUs, the audio data is encrypted using RC4 and SHA-1. When the client or server protocol version is less than 5, verification that the audio data has been transmitted intact is not possible because these PDUs are not signed. Sending audio data using this UDP sequence is not recommended because SHA-1 has been proven to be insecure. Instead, virtual channels are recommended.