As long as both clients are connected to the same server via TLS, then the RTP will be encrypted for sure. You don't have as much control once packets are sent to third parties., thus you cannot be sure.
-----Original Message----- From: Linphone-users <[email protected]> On Behalf Of Stuart D Gathman Sent: Monday, May 3, 2021 8:48 PM To: [email protected] Subject: Re: [Linphone-users] Are Linphone video/audio communications natively encrypted end-to-end? On Mon, 3 May 2021, Gabby wrote: > Are Linphone video/audio communications encrypted end-to-end without > relying on an external means of encryption like VPN? More precise question. :-) I believe it is when connecting directly via encrypted RTP (without authentication), but I am waiting to hear the answer from someone who really knows. The problem is, both parties need to be able to authenticate the other party with something like a pubkey. You can negotiate a key without authentication, but then there might be a man-in-the-middle. I have never seen anything resembling such authentication in SIP, but would be happy to find out there is. Linphone would then need to store the pubkey/cert (or equiv authentication) for addressbook entries and provide a way to verify them via an other channel to ensure the pubkey is not for a MITM. There does not seems to be any authentication in the address book for my ancient linphone-3.6.1 _______________________________________________ Linphone-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/linphone-users
