- From: Harald Alvestrand <harald@alvestrand.no>
- Date: Sun, 06 Sep 2015 18:52:36 +0200
- To: public-webrtc@w3.org
On 09/05/2015 04:33 AM, Martin Thomson wrote: > On 4 September 2015 at 19:08, Justin Uberti <juberti@google.com> wrote: >> We are about to land ECDSA in Chrome. At that point, I think browser caching >> and all other optimizations become meaningless. > Key generation is fairly trivial, but not as trivial as retrieving it > from storage. However, I would still recommend key reuse for RSA > (sloooow) and for where you actually want to present some sort of > stable identity to peers. In most cases, the default behaviour is > probably the best. > What would you recommend as the best explanation of what the "identity" asserted by an ephemeral cert "means"? I had a discussion with a colleague the other day about this - as far as I can tell, an ephemeral cert signed by no trusted party can be used for reassurance that the signalling channel and the media channel have either not been MITMed or that they have both been MITMed by the same attacker. -- Surveillance is pervasive. Go Dark.
Received on Sunday, 6 September 2015 16:53:10 UTC