Re: Call for adoption - use case for "Trusted application, untrusted intermediary" from Sergio Garcia Murillo on 2018-11-25 (public-webrtc@w3.org from November 2018)

From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Date: Sun, 25 Nov 2018 21:49:29 +0100
To: Eric Rescorla <ekr@rtfm.com>
Cc: Nils Ohlmeier <nohlmeier@mozilla.com>, public-webrtc@w3.org
Message-ID: <1023a62a-99f4-280c-2e9e-8a885012c3cc@gmail.com>

On 25/11/2018 21:22, Eric Rescorla wrote:
>
>     Rigth, but tunneling is the only mechanism specified in PERC, so I
>     assume that is the keying mechanism proposed when speaking about
>     accepting PERC in webrtc., I would not have any issue (in regards
>     of the
>     keying part) with setting the keys in js either on the app (for
>     trusted
>     app models) or in the identity server (for untrusted app model).
>
>
> The problem with this, as Martin indicates, is that this goes directly 
> against the security architecture we have otherwise been using for 
> WebRTC, which involves not having encryption keys handled by the JS or 
> carried directly over the signaling channel.


We are adding a new layer on top of current security architecture, so I 
fail to see how it invalidates it. As I would fail to see how allowing 
the js app to encrypt a websocket message would invalidate secure 
websockets security architecture.

You may consider it insufficient, but that is a different topic.

Best regards

Sergio

Received on Sunday, 25 November 2018 20:46:16 UTC