Skip to main content

Secure Real-time Transport Protocol (SRTP) for Cloud Services

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors John Preuß Mattsson , Mats Naslund , Magnus Westerlund
Last updated 2016-04-21 (Latest revision 2015-10-19)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


In order to support use cases when two or more end-points communicate via one (or more) cloud service (e.g. virtualized cloud-based conferencing) that are not trusted to access the media content, this document describes the use of so called end-to-end (inner) and hop- by-hop (outer) cryptographic transforms within the Secure Real-time Transport Protocol (SRTP). One of the main aspects of the transforms is to make the confidentiality and message authentication independent of the RTP header. Another central aspect is to enable identification of the cryptographic contexts (keys etc.). Besides the security of the end-points, also trust assumptions regarding the cloud services are addressed.


John Preuß Mattsson
Mats Naslund
Magnus Westerlund

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)