{"draft":"draft-zimmermann-avt-zrtp-22","doc_id":"RFC6189","title":"ZRTP: Media Path Key Agreement for Unicast Secure RTP","authors":["P. Zimmermann","A. Johnston, Ed.","J. Callas"],"format":["ASCII","HTML"],"page_count":"115","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"IETF - NON WORKING GROUP","abstract":"This document defines ZRTP, a protocol for media path Diffie-Hellman\r\nexchange to agree on a session key and parameters for establishing\r\nunicast Secure Real-time Transport Protocol (SRTP) sessions for Voice\r\nover IP (VoIP) applications.  The ZRTP protocol is media path keying\r\nbecause it is multiplexed on the same port as RTP and does not\r\nrequire support in the signaling protocol.  ZRTP does not assume a\r\nPublic Key Infrastructure (PKI) or require the complexity of\r\ncertificates in end devices.  For the media session, ZRTP provides\r\nconfidentiality, protection against man-in-the-middle (MiTM) attacks,\r\nand, in cases where the signaling protocol provides end-to-end\r\nintegrity protection, authentication.  ZRTP can utilize a Session\r\nDescription Protocol (SDP) attribute to provide discovery and\r\nauthentication through the signaling channel.  To provide best effort\r\nSRTP, ZRTP utilizes normal RTP\/AVP (Audio-Visual Profile) profiles.\r\nZRTP secures media sessions that include a voice media stream and can\r\nalso secure media sessions that do not include voice by using an\r\noptional digital signature.  This document is not an Internet \r\nStandards Track specification; it is published for informational purposes.","pub_date":"April 2011","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6189","errata_url":null}