W3C home > Mailing lists > Public > public-webrtc@w3.org > November 2011

Re: Identity and verifying who you're talking to

From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 9 Nov 2011 21:34:03 -0800
Message-ID: <CABcZeBO+tVHos=e4XfFdmWcii3jVHeRNMwCNb81kfXKphYkLEw@mail.gmail.com>
To: Harald Alvestrand <harald@alvestrand.no>
Cc: "public-webrtc@w3.org" <public-webrtc@w3.org>
I've been thinking about this a bunch and I'm happy to volunteer, as
long as you're
OK with it being someone who's not a WG member.

-Ekr


On Wed, Nov 9, 2011 at 8:55 AM, Harald Alvestrand <harald@alvestrand.no> wrote:
> In the minutes from TPAC, there was a long section on identity: If you want
> to verify who you're talking to, what namespace are you actually verifying
> the identity against, and how is that mapped onto observable fields in
> protocols, and from there to stuff that's visible on the API?
>
> A lot of the discussion is here:
>
> http://www.w3.org/2011/11/01-webrtc-minutes.html#item06
>
> I'd very much welcome if someone could pick up this action and present some
> actionable proposals for it:
>
> - How do we verify identity without tying ourselves to one specific identity
> framework?
> - What functions in our channel setup mechanism (DTLS-SRTP hashes???) do we
> use for communicating info that lets us verify the identity?
> - What are the requirements for the UI that result from such a verification
> mechanism?
>
> Volunteers?
>
>            Harald, for the chairs
>
>
>
>
Received on Thursday, 10 November 2011 05:35:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 10 November 2011 05:35:13 GMT