RE: Request for feedback: Media Capture and Streams Last Call

Double keying solves only a part of the problem. It improves the 
protection of the data while transmitted to the intended party. From 
there syncing and sharing is still possible, if a party wanted to.

Rob

Mike O'Neill schreef op 2015-07-02 09:01:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Double keying would be very useful, and in contexts other than WebRTC 
> also.
> I still think even in that case (where the deviceId is unique to the
> first-party/third-party combination), there should be no leakage until
> the user has first authorised the origin. And the authorisation should
> lapse after a reasonable period.
> Mike
> 
> - -----Original Message-----
> From: Georg Koppen [mailto:gk@torproject.org]
> Sent: 01 July 2015 22:07
> To: Eric Rescorla; Nick Doty
> Cc: Mike O'Neill; public-privacy (W3C mailing list); Jan-Ivar Bruaroey
> Subject: Re: Request for feedback: Media Capture and Streams Last Call
> 
> *** gpg4o | Unknown Signature from EDC67D98A97A53DC 1 10 01 1435784824 
> 9 ***
> 
> Eric Rescorla:
>> Martin Thomson has suggested using double keying here. Would people
>> consider that
>> satisfactory?
> 
> Yes. I think this is a good idea.
> 
> Georg
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using gpg4o v3.4.103.5490 - http://www.gpg4o.com/
> Charset: utf-8
> 
> iQEcBAEBAgAGBQJVlOG+AAoJEHMxUy4uXm2J+iUIAIemGxKZGQdNyCHXTqzAXlaP
> 7eU0ET/6mHWzL685vzzFP/WK1H6uuO5Iq9tmxCqx9fcQUfjYe0Vjdcruz7hZeEtD
> Cbl0YH+ZsIAPvZoDi2XwERobQ0wKbrRJ0ZkUXDkV27lMyMTFzjD4C+D/FnF398KJ
> hFM+bH5CAc1+gE5unAfpjvGc8PnbEka3dw236hAvO1xoscpTKQM4pCnuvY5+xQAf
> Vve8gHyjpqPU/va93MiHW2NLqnhavU0YwTbnjKaLbYfbITLFS8ioVyFqQwhlam9b
> mVmk9xOzCw91W9iIKqA1w+3I0CT6my+A2xZk5NUuuQ3/n2JNRORDK/DDFBXGzJg=
> =5Jwf
> -----END PGP SIGNATURE-----

Received on Thursday, 2 July 2015 07:07:07 UTC