Secure Real-time Transport Protocol
Any media you send over the internet should be encrypted. SRTP is the protocol. In WebRTC it's automatic via DTLS-SRTP; in SIP deployments you must configure it explicitly. Know it when auditing VoIP security.
What It Defines
SRTP adds confidentiality, message authentication, and replay protection to RTP/RTCP. Uses AES-CM or AES-GCM for encryption and HMAC-SHA1 for authentication. Key material is delivered via SDES (SDP) or DTLS-SRTP (WebRTC). All WebRTC implementations mandate SRTP.
Canonical (Normative)
Related References
The canonical publication point for finalized RFCs. If a protocol is standardized as an RFC, the RFC Editor text is the normative final reference. Published by the IETF, IRTF, IAB, and independent stream.
Related Specs
RTP carries all real-time media: VoIP, WebRTC, live video, and video conferencing. Understanding SSRC demultiplexing, jitter buffers, and RTCP feedback loops is essential for any media application.
WebRTC media is always encrypted. DTLS-SRTP is the protocol that does it. Know it when troubleshooting media security negotiation or DTLS handshake failures.
SIP is the PSTN of the internet. Every VoIP platform (Twilio, Vonage, AWS Chime, Asterisk, FreeSWITCH) speaks SIP. Building any communications product requires understanding INVITE flows, registration, and codec negotiation via SDP.