Re: getUserMedia() and authenticated origins

On 10/09/14 15:18, Eric Rescorla wrote:
>

> P.S. I think the question of WebRTC identity is kind of a red herring here.
> It's possibly to use Identity + Isolated Streams to build a
> system which doesn't require any trust at all in the site, but I would
> expect that any site which used these features would be security
> conscious and so would run HTTPS in any case.

I agree, I've always thought that sort of telling users that "use this 
site in spite of not trusting it fully, even allow it to access camera 
and mike since the streams are isolated and PeerIdentity is used" is 
problematic and something we should not encourage.


Received on Wednesday, 10 September 2014 13:50:49 UTC