Skip to main content

Secure Real-time Transport Protocol (SRTP) for Cloud Services

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Yi Cheng , John Preuß Mattsson , Mats Naslund
Last updated 2015-01-05 (Latest revision 2014-07-04)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document describes the use of end-to-end (inner) and hop-by-hop (outer) cryptographic transforms within the Secure Real-time Transport Protocol (SRTP). The motivation is to support use cases when two or more end-points communicate via one (or more) cloud service (e.g. virtualized cloud-based conferencing) that are not trusted to access the media content. One of the main aspects of the transform is to make the confidentiality and message authentication independent of the RTP header. Another central aspect is to enable identification of the cryptographic context (keys etc.). Besides the security of the end-points, also trust assumptions regarding the cloud services are addressed.


Yi Cheng
John Preuß Mattsson
Mats Naslund

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)