Re: Issue 200: Incoming media prior to Remote Fingerprint Verification

Robin's proposed straw man for discussion:
After the DTLS handshake exchange completes (but before the remote fingerprint is verified) incoming media packets may be received. A modest buffer must be provided to avoid loss of media prior to remote fingerprint validation (which can begin after start() is called).

From Robin Raymond:

@rshpount <https://github.com/rshpount> because after you have validated the certificate you know for certain the media is coming from the correct party you are attempting to communicate with. Without this a proxy that is doing a man-in-the-middle attack could allow the ICE username fragment/password to flow through but substitute its own DTLS/media in that flow. Therefore an attacker could end up flowing evil packets into decoders vs. only allowing packets into decoders that are coming from a more trusted source without ever having seen the session description.

Received on Thursday, 4 June 2015 03:07:30 UTC
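
The buffering rule from the straw man, sketched as an added example (not code from the ORTC specification, this thread, or any implementation): media arriving after the DTLS handshake is held in a bounded buffer and reaches the decoder only once the certificate seen in DTLS matches the signaled fingerprint. The names `FingerprintGate` and `fingerprint_of`, the SHA-256-only comparison, the 50-packet cap and the sample bytes are assumptions.

```python
import hashlib
import hmac
from collections import deque


def fingerprint_of(cert_der: bytes) -> str:
    """SHA-256 fingerprint in the colon-separated hex form used in signaling."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


class FingerprintGate:
    """Holds media received after the DTLS handshake until the remote
    certificate fingerprint is verified, then releases or discards it."""

    def __init__(self, decoder, max_packets=50):  # cap is an assumed value
        self._decoder = decoder
        self._pending = deque(maxlen=max_packets)  # oldest dropped when full
        self.state = "pending"

    def on_media(self, packet: bytes) -> None:
        if self.state == "verified":
            self._decoder(packet)
        elif self.state == "pending":
            self._pending.append(packet)
        # state == "failed": drop, nothing from this peer reaches a decoder

    def verify(self, remote_cert_der: bytes, signaled_fingerprint: str) -> bool:
        """Compare the certificate seen in DTLS with the signaled fingerprint."""
        if self.state != "pending":
            return self.state == "verified"
        actual = fingerprint_of(remote_cert_der)
        expected = signaled_fingerprint.strip().upper()
        if hmac.compare_digest(actual.encode(), expected.encode()):
            self.state = "verified"
            while self._pending:  # release buffered media in arrival order
                self._decoder(self._pending.popleft())
        else:
            self.state = "failed"
            self._pending.clear()  # buffered media never reaches a decoder
        return self.state == "verified"


if __name__ == "__main__":
    peer_cert = b"constructed stand-in for the peer's DER certificate"
    decoded = []
    gate = FingerprintGate(decoded.append, max_packets=3)
    for n in range(4):
        gate.on_media(b"rtp-%d" % n)
    print(gate.verify(peer_cert, fingerprint_of(peer_cert)), decoded)
```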