Polycom CX5500 Unified Conference Station Administrator’s Guide 1.1.0
feature is enabled, phones negotiate with the other endpoint the type of encryption and authentication to
use for the session. This negotiation process is compliant with RFC 4568, Session Description Protocol
(SDP) Security Descriptions for Media Streams.
Web Info: SRTP RFC Resources
For more information on SRTP, see RFC 3711. For the procedure describing how two phones set up
SRTP for a call, see RFC 4568.
Authentication proves to the phone receiving the RTP/RTCP stream that the packets are from the
expected source and have not been tampered with. Encryption modifies the data in the RTP/RTCP
streams so that, if the data is captured or intercepted, it sounds like noise and cannot be understood.
Only the receiver knows the key to restore the data.
A number of session parameters have been added to enable you to turn off authentication and encryption
for RTP and RTCP streams. This is done mainly to reduce the phone’s processor usage.
If the call is completely secure (RTP authentication, RTP encryption, RTCP authentication, and RTCP
encryption are all enabled), the user sees a padlock symbol in the last frame of the
connected context animation (two arrows moving towards each other).
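To check what a negotiated session actually protects, the following added example (not code from the Polycom guide) parses the RFC 4568 a=crypto lines of an SDP body and reports any that switch off encryption or authentication. It assumes the phone's session parameters appear on the wire as the RFC 4568 session parameters; the function name, sample offer and dummy key are constructed for illustration.

```python
import re

# RFC 4568 session parameters that switch a protection off.
# (RFC 4568 defines no parameter for disabling SRTCP authentication.)
WEAKENING = {
    "UNENCRYPTED_SRTP": "RTP encryption off",
    "UNENCRYPTED_SRTCP": "RTCP encryption off",
    "UNAUTHENTICATED_SRTP": "RTP authentication off",
}
# a=crypto:<tag> <crypto-suite> <key-params> [<session-params> ...]
CRYPTO_RE = re.compile(r"^a=crypto:(\d{1,9}) (\S+) (\S+)((?: \S+)*)$")

# Constructed sample offer; the inline key is a dummy value, not key material.
DUMMY_KEY = "inline:" + "A" * 40
SAMPLE_OFFER = "\r\n".join([
    "v=0",
    "m=audio 2222 RTP/SAVP 0 8",
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 " + DUMMY_KEY,
    "a=crypto:2 AES_CM_128_HMAC_SHA1_80 " + DUMMY_KEY + " UNENCRYPTED_SRTCP",
    "a=crypto:3 AES_CM_128_HMAC_SHA1_32 " + DUMMY_KEY
    + " UNENCRYPTED_SRTP UNAUTHENTICATED_SRTP",
])


def audit_sdp(sdp):
    """Return one finding per a=crypto line, noting any protection it disables."""
    findings, media = [], ""
    for line in sdp.splitlines():
        line = line.strip()
        if line.startswith("m="):
            media = line[2:]  # remember which media stream we are in
            continue
        m = CRYPTO_RE.match(line)
        if not m:
            continue
        tag, suite, key_params, session = m.groups()
        weakened = [WEAKENING[p.upper()] for p in session.split()
                    if p.upper() in WEAKENING]
        # Fully protected: secure RTP profile, inline key, nothing disabled.
        ok = ("RTP/SAVP" in media and key_params.startswith("inline:")
              and not weakened)
        findings.append({"media": media, "tag": int(tag), "suite": suite,
                         "weakened": weakened, "fully_protected": ok})
    return findings


if __name__ == "__main__":
    for f in audit_sdp(SAMPLE_OFFER):
        print(f["tag"], f["suite"], f["weakened"] or "fully protected")
```

Only the first crypto line in the sample corresponds to the fully secured case described above; the other two trade protection for lower processing cost.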
Secure Real Time Transport Protocol Parameters
Central Provisioning Server
sip-interop.cfg > sec.srtp.enable
Include secure media in SDP of SIP INVITE | sip-interop.cfg > sec.srtp.offer
Include crypto in offered SDP | sip-interop.cfg > sec.srtp.offer.*
Secure media stream required in all SIP INVITEs | sip-interop.cfg > sec.srtp.require
Check tag in crypto parameter in SDP | sip-interop.cfg > sec.srtp.requireMatchingTag
Specify if the phone offers and/or requires: RTP encryption, RTP authentication, and RTCP encryption | sip-interop.cfg > sec.srtp.sessionParams.*