In the past there was no encryption for communications then sRTP with DTLS became the way of doing it (secure signalling and media) when you negotiate sRTP material between parties you can intercept the keys and inject some pretending to be the remote caller and viceversa. https://bloggeek.me/is-webrtc-safe/ a good read