- From: Matthew Kaufman <matthew.kaufman@skype.net>
- Date: Sun, 04 Sep 2011 20:52:40 -0700
- To: Ian Hickson <ian@hixie.ch>
- CC: Harald Alvestrand <harald@alvestrand.no>, Justin Uberti <juberti@google.com>, public-webrtc@w3.org
On 9/4/2011 2:09 PM, Ian Hickson wrote: > On Sun, 4 Sep 2011, Harald Alvestrand wrote: >> I asked at the time whether we were going to do masking on raw audio >> data played back from a file, since the attacker would have complete >> control over that data too. > We absolutely should, yes. Why? Websockets needs masking when encryption isn't in use because there might be transparent proxies in the path that are confused by the content. I have yet to see a claim of the existence of equivalent transparent UDP proxies, and the ICE handshake removes the protocol spoofing issue. Matthew Kaufman
Received on Monday, 5 September 2011 03:53:54 UTC