Can I turn off SRTP when using WebRTC?
M

2

6

I am now testing WebRTC communication with a SIP client (sx20).

I send an INVITE message with the WebRTC SDP, but the SIP client's answer has no fingerprint, and the SIP client's answer is not SRTP, just RTP.

So I need to turn off SRTP in WebRTC. Can I do it?

And one more question: I think the fingerprint is the encryption key, so do the sender and receiver each need a key? Do we need two keys, the sender's key and the receiver's key, or do we need just the sender's key?

Merger answered 13/5, 2014 at 6:43 Comment(0)
H
2

You cannot turn off SRTP. It is part of the standard and it will probably never be removed.

The key is exchanged in a DTLS key exchange and will be that way for a while as Mozilla and Chrome are in agreement that it is the best and most secure way to exchange media.

That fingerprint is not the key itself; the key is exchanged via DTLS. You can actually see the DTLS exchange if you listen with Wireshark on one of your machines, so that you can see what is going on with the exchange.

You will need to implement a breaker to interface with the webrtc client and the SIP client. SIPML5 already has a breaker in play.

Homozygote answered 13/5, 2014 at 16:7 Comment(1)
There is some traffic like game position updates that will suffer from the overheads of encryption. They don't need encryption. Encryption should be able to be turned on or off per data channel. - Jonme
W
14

For testing purposes, Chrome Canary and Chrome Developer both have a flag which allows you to turn off SRTP, for example:

cd /Applications/Google\ Chrome\ Canary.app/Contents/MacOS/
./Google\ Chrome\ Canary --disable-webrtc-encryption

Then your SDP with the RTP setup would look more like:

m=audio 17032 RTP/AVPF 111 126

Instead of:

m=audio 17254 UDP/TLS/RTP/SAVPF 111 126
Wen answered 22/9, 2016 at 20:24 Comment(1)
Any idea how to disable the same in Firefox? - Transmarine
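
Added example, not part of the original answers: a small JavaScript check that parses an SDP body and reports, per m= line, whether it carries what the DTLS-SRTP setup described in the answers needs (a secure transport profile and an a=fingerprint hash of the DTLS certificate). The function name auditSdp and both sample SDP bodies are constructed for illustration; the m= lines reuse the two shown in the answer above.

```javascript
// Constructed samples: addresses are documentation ranges, digest is a placeholder.
const PLACEHOLDER_DIGEST = Array(32).fill('AA').join(':');
const webrtcOffer = [
  'v=0', 'o=- 1 1 IN IP4 192.0.2.10', 's=-', 't=0 0',
  'a=fingerprint:sha-256 ' + PLACEHOLDER_DIGEST,
  'm=audio 17254 UDP/TLS/RTP/SAVPF 111 126',
  'c=IN IP4 192.0.2.10', 'a=setup:actpass',
].join('\r\n');
const sipAnswer = [
  'v=0', 'o=- 2 2 IN IP4 192.0.2.20', 's=-', 't=0 0',
  'm=audio 17032 RTP/AVPF 111 126',
  'c=IN IP4 192.0.2.20',
].join('\r\n');

// Returns one report per m= line. Attributes seen before the first m= line
// are session-level and act as defaults for every media section.
function auditSdp(sdp) {
  const session = { fingerprint: null, setup: null };
  const media = [];
  let cur = session;
  for (const line of sdp.split(/\r?\n/).map(l => l.trim()).filter(Boolean)) {
    const m = /^m=(\S+) (\d+)(?:\/\d+)? (\S+)/.exec(line);
    if (m) {
      cur = { kind: m[1], port: Number(m[2]), proto: m[3], fingerprint: null, setup: null };
      media.push(cur);
    } else if (line.startsWith('a=fingerprint:')) {
      // a=fingerprint:<hash function> <digest of the DTLS certificate>
      const [hash, digest] = line.slice('a=fingerprint:'.length).split(/\s+/);
      cur.fingerprint = { hash, digest };
    } else if (line.startsWith('a=setup:')) {
      cur.setup = line.slice('a=setup:'.length); // DTLS role: active/passive/actpass
    }
  }
  return media.map(s => {
    const fp = s.fingerprint || session.fingerprint;
    const parts = s.proto.split('/');
    const secure = parts.includes('SAVP') || parts.includes('SAVPF') || parts.includes('DTLS');
    const problems = [];
    if (!secure) problems.push('unencrypted transport profile: ' + s.proto);
    if (!fp) problems.push('no a=fingerprint: DTLS certificate cannot be verified');
    return { kind: s.kind, port: s.port, proto: s.proto,
             fingerprintHash: fp ? fp.hash : null,
             setup: s.setup || session.setup, ok: problems.length === 0, problems };
  });
}

console.log(auditSdp(webrtcOffer), auditSdp(sipAnswer));
```

Run against a captured offer/answer pair, this shows which side is missing the fingerprint or offering plain RTP, which is the mismatch a gateway between the WebRTC and SIP sides has to bridge.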