Can I turn off SRTP when use webrtc

Question

Now I test webrtc communicate with SIP Client(sx20)

I send invite message with webrtc sdp. but sip client answer has not finger print, and

sip client answer is not SRTP just RTP.

So I need to turn off SRTP in WEBRTC. Can I do it?

and one more question... I think, finger print is encrypt key,
so, sender and receiver need to each key? we need two key? sender's key, receive's key? or we need just sender' key?

Answer 1

You cannot turn off SRTP. It is part of the standard and it will probably never be removed.

The key is exchanged in a DTLS key exchange and will be that way for a while as Mozilla and Chrome are in agreement that it is the best and most secure way to exchange media.

That fingerprint is not the key itself, the key is exchanged via DTLS, you can actually see the DTLS exchange if you listen with wireshark on one of your machines so that you can see what is going on with the exchange.

You will need to implement a breaker to interface with the webrtc client and the SIP client. SIPML5 already has a breaker in play.

Answer 2

For testing purposes, Chrome Canary and Chrome Developer both have a flag which allows you to turn off SRTP, for example:

cd /Applications/Google\ Chrome\ Canary.app/Contents/MacOS/
./Google\ Chrome\ Canary --disable-webrtc-encryption

Then your SDP with the RTP setup would look more like:

m=audio 17032 RTP/AVPF 111 126

Instead of:

m=audio 17254 UDP/TLS/RTP/SAVPF 111 126