Question

Where are the media encryption keys created? Is it in the endpoint SDK (Web, iOS, etc) or the cloud?

Applies To

• Video API
• Security
• Encryption
• Media

Answer

Media encryption keys are created on the WebRTC clients.

• In Routed mode, one of the clients is the media router which is in the cloud. The media router can decrypt the packets to send the correct quality layer to the client, allow telephone dial-in, create HLS or RTMP broadcasts, or create meeting recordings.
• In Relayed mode, it is only client-side which is the endpoint SDK. It uses DTLS-SRTP, an RFC standard, which means the keys are always made on the clients when using Relayed mode.

Additional Information

See further references on Security.

What security features does Vonage Video API implement?