Greetings again. draft-ietf-rtcweb-data-protocol describes a protocol for establishing a symmetric data channel between two WebRTC peers. The protocol is simple and clear.

The Security Considerations section fully admits that:
   This protocol does not provide privacy, integrity or authentication.
   It needs to be used as part of a protocol suite that contains all
   these things.  Such a protocol suite is specified in
   [I-D.ietf-tsvwg-sctp-dtls-encaps].
In the context of WebRTC, that is a completely reasonable requirement, and it would make no sense to layer a home-built security protocol into the one described in the document.

--Paul Hoffman