Looking at the trace some more, not only is the
signalling Skinny, it is not decoded as such (just TCP port 2443). I don't have
any knowledge of secure VoIP, but is there a secure version of Skinny?
I tried a "Decode As" Skinny for 2443, but it made
no difference. I am guessing that because Wireshark is only recognising the
Skinny as TCP and I have the RTP option of "Try to decode RTP outside of
conversations" ticked, this is one reason as to why the SRTP is currently
decoded as RTP?
Wireshark already can distinguish between RTP and SRTP, when properly
signalled (like in SDP). Currently it's not, SDP sets dummy SRTP info, hence
the RTP dissector can't make use of it other than saying it's SRTP. Once the
SDP, MIKEY or other dissector start to set real SRTP info the RTP dissector
can show some real SRTP dissection.