FreeSWITCH 1.8
上QQ阅读APP看书,第一时间看更新

Encryption Everywhere

Encryption of media and data streams is mandatory. Full stop. There is no way you can have a WebRTC communication without encrypting the streams that are exchanged. Those would be the media streams (audio+video) and, if present, the data streams. Media streams are encrypted as SRTP with key exchange via DTLS. That is done for you by the RTCPeerConnection API.

But, while you're at it, it makes only sense to have the session protocol's signaling encrypted too. The transport of choice for such signaling is usually Secure WebSocket. You will see almost everywhere the URI prefix WSS:// (WebSocket Secure) when defining WebRTC signaling servers and endpoints. WSS signaling exchange is encrypted by TLS (eg, like web HTTPS). The alternative, unencrypted, is simply WS, but is rarely used beyond testing purposes.