On Wed, Oct 8, 2014 at 2:45 PM, Chris Palmer <palmer@google.com> wrote: > TL;DR: We don't have time, user attention, or space to communicate > crypto nuance. Therefore we must quantize the security guarantee > upward. > > Read on, if you care... > > On Wed, Oct 8, 2014 at 9:04 AM, Eric Rescorla <ekr@rtfm.com> wrote: > > > It is not generally true that *passive* network attackers will be able to > > watch or listen to users in real-time, even if gUM is used without an > > authenticated origin. > > I think you mean that purely passive attackers cannot always choose > their target. Obviously you know that they can watch and listen to at > least some target users' media, unless gUM uses secure transport. I think perhaps you are misunderstanding the way that gUM works. gUM just provides the JS with a handle to a media stream. That media stream is not (by default) sent over the wire, but is just local to the users machine. So, the relevant question is how the Web application handles that stream. This is explained in detail in the rest of the message you are quoting here. http://lists.w3.org/Archives/Public/public-media-capture/2014Oct/0117.html -Ekr
Received on Wednesday, 8 October 2014 22:05:51 UTC