DTLS:
DTLS is essentially TLS built to run over datagram transports (UDP, DCCP, etc.).
DTLS is intentionally similar to TLS, except that it has to solve two problems: packet loss and reordering.
DTLS-SRTP:
DTLS-SRTP can be viewed in two equivalent ways: as a new key management method for SRTP, and as a new RTP-specific data format for DTLS.
    Client                                               Server

    ClientHello + use_srtp       -------->
                                         ServerHello + use_srtp
                                                   Certificate*
                                             ServerKeyExchange*
                                            CertificateRequest*
                                 <--------      ServerHelloDone
    Certificate*
    ClientKeyExchange
    CertificateVerify*
    [ChangeCipherSpec]
    Finished                     -------->
                                             [ChangeCipherSpec]
                                 <--------             Finished
    SRTP packets                 <------->         SRTP packets
DTLS-SRTP does not transmit the keys in signalling messages but in-band, as part of the media stream, using end-to-end encryption. Before the media stream starts, both endpoints perform a mutual DTLS handshake on the media ports. The shared symmetric key that was established for the resulting DTLS session is then used to derive an SRTP key. Then the encrypted SRTP media stream is started.
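The derivation step described above, as an added example (not code from the original page or from any DTLS library). It assumes a DTLS 1.2 session whose cipher suite uses the SHA-256 PRF and the SRTP_AES128_CM_HMAC_SHA1_80 profile. The exporter label, key sizes and split order are taken from RFC 5764 section 4.2 and RFC 5705, and the function names and sample secrets are constructed for illustration.

```python
import hashlib
import hmac

# RFC 5764 section 4.2 values (assumed here; the page does not list them).
EXPORTER_LABEL = b"EXTRACTOR-dtls_srtp"
KEY_LEN, SALT_LEN = 16, 14  # SRTP_AES128_CM_HMAC_SHA1_80 master key / master salt


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_hash (RFC 5246 section 5) built on HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def export_keying_material(master_secret, client_random, server_random, length):
    """RFC 5705 exporter without a context value, keyed by the DTLS master secret."""
    if len(master_secret) != 48 or len(client_random) != 32 or len(server_random) != 32:
        raise ValueError("unexpected master secret or random length")
    return p_sha256(master_secret, EXPORTER_LABEL + client_random + server_random, length)


def derive_srtp_keys(master_secret, client_random, server_random):
    """Split the exported block in the order RFC 5764 defines."""
    block = export_keying_material(master_secret, client_random, server_random,
                                   2 * (KEY_LEN + SALT_LEN))
    k = KEY_LEN
    return {
        "client_write_master_key": block[0:k],
        "server_write_master_key": block[k:2 * k],
        "client_write_master_salt": block[2 * k:2 * k + SALT_LEN],
        "server_write_master_salt": block[2 * k + SALT_LEN:],
    }


# Constructed sample inputs (not taken from a real session).
MASTER_SECRET = bytes(range(48))
CLIENT_RANDOM = b"\x01" * 32
SERVER_RANDOM = b"\x02" * 32

if __name__ == "__main__":
    for name, value in derive_srtp_keys(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM).items():
        print(f"{name}: {value.hex()}")
```

Both endpoints run the same computation on their own copy of the handshake secrets, so the SRTP master keys and salts never cross the signalling path; each side encrypts with its own write key and decrypts with the peer's.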
References
http://wiki.innovaphone.com/index.php?title=Reference11r1:Concept_DTLS-SRTP
https://tools.ietf.org/html/rfc5764
http://stackoverflow.com/questions/15331294/difference-between-dtls-and-tls
http://security.stackexchange.com/questions/29172/what-changed-between-tls-and-dtls