ZRTP is an authenticated key exchange protocol for establishing secure communications for Voice over IP applications. In this paper, we devise a post-quantum variant of ZRTP that achieves mutual authentication, session key privacy and forward secrecy against a post-quantum attacker. We correct the original ZRTP protocol to thwart a reflection attack against authentication (when the latter relies upon signatures) and avoid misbinding issues that could potentially lead to unknown key-share attacks. We define a strong security model that we use to prove the security of our post-quantum ZRTP protocol. Finally, we provide a fully functional and efficient open-source code of the corresponding application.