Media Security without a PKI

There seems to be a misunderstanding in the current discussion about media security (see http://www.imc.org/ietf-rtpsec/mail-archive/ for a mailing list archive) and the believe that PKI support is demanded by most of the solution proposals. That’s not true!

ZRTP and the DTLS protocol for the protection of media traffic are two examples of proposals that do not rely on a PKI. The latter allows to leverage an available PKI but does not require it.  
A nice summary of the available media security proposals can be found in http://www.ietf.org/internet-drafts/draft-wing-rtpsec-keying-eval-02.txt

Leave a Reply

Your email address will not be published. Required fields are marked *