Can someone explain to me what the difference is between TLS and SRTP in the context of phone-to-phone encryption? Does TLS encrypt the RTP stream? What about when using SIP phones?
Chris, you are almost there. TLS is the protocol used to encrypt the RTP stream. Once RTP is encrypted, it's called SRTP. TLS stands for Transport Layer Security. TLS provides integrity, authentication and encryption. TLS uses certificates. When a phone is configured from non-secure to secure mode, a certificate is generated for that phone and installed on the phone. These are called LSCs.
These certificates are used for encrypting the signalling and voice payload. More details can be found in the CallManager security guide.
PS: please remember to rate posts!
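
An added example, not part of the thread: a check that reads one SIP INVITE and reports the protection of the signalling hop (the transport in the top `Via` header) separately from the protection of the offered media (the profile on the SDP `m=` line). It assumes the SRTP key is carried in an SDP `a=crypto` line (SDES, RFC 4568), which the thread does not state; the message, addresses and key string are constructed placeholders.

```python
import re

SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF"}  # SRTP media profiles (RFC 3711, RFC 5124)

# Constructed sample INVITE; addresses, tags and the key string are placeholders.
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:2001@pbx.example.com SIP/2.0",
    "Via: SIP/2.0/TLS 10.0.0.5:5061;branch=z9hG4bKexample",
    "From: <sip:1001@pbx.example.com>;tag=example",
    "To: <sip:2001@pbx.example.com>",
    "Call-ID: example-call-id@10.0.0.5",
    "CSeq: 1 INVITE",
    "Content-Type: application/sdp",
    "",
    "v=0",
    "o=- 1 1 IN IP4 10.0.0.5",
    "s=-",
    "c=IN IP4 10.0.0.5",
    "t=0 0",
    "m=audio 24580 RTP/SAVP 0",
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY_NOT_REAL",
])

def classify_call(sip_message):
    """Report signalling and media protection separately for one SIP message."""
    head, _, sdp = sip_message.partition("\r\n\r\n")
    # The topmost Via header names the transport of the hop the message arrived on.
    via = re.search(r"^Via:\s*SIP/2\.0/(\w+)", head, re.M | re.I)
    transport = via.group(1).upper() if via else "UNKNOWN"
    media, findings = [], []
    for line in sdp.splitlines():
        if line.startswith("m="):
            kind, _port, profile = line[2:].split()[:3]
            media.append({"kind": kind, "profile": profile,
                          "srtp": profile in SRTP_PROFILES, "keys_in_sdp": 0})
        elif line.startswith("a=crypto:") and media:
            media[-1]["keys_in_sdp"] += 1  # SDES key travels inside the signalling
    if transport != "TLS":
        findings.append(f"signalling sent over {transport}, not TLS")
    for m in media:
        if not m["srtp"]:
            findings.append(f"{m['kind']}: offered as plain RTP ({m['profile']})")
        elif m["keys_in_sdp"] and transport != "TLS":
            findings.append(f"{m['kind']}: SRTP key readable in unencrypted signalling")
    return {"signalling": transport, "media": media, "findings": findings}

if __name__ == "__main__":
    print(classify_call(SAMPLE_INVITE))
```
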