- From: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
- Date: Mon, 1 Feb 2016 10:16:02 +0000
- To: Brad Hill <hillbrad@fb.com>, "dveditz@mozilla.com" <dveditz@mozilla.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Dear Web Application Security Working Group, The WebRTC Working Group is working toward publishing the WebRTC 1.0 specification to Candidate Recommendation and is thus seeking wide review on the document: https://www.w3.org/TR/2016/WD-webrtc-20160128/ We are particularly interested on feedback on the following aspects from WebAppSec: - the security considerations (which were updated based on the TAG security review questionnaire), - more specifically, the risks associated with exposing IP addresses as part of the establishment of the P2P connection, - the mechanics of the identity provider described in the identity section, - the notion of isolated mediastreams and its relationship with other isolation mechanisms in the Web platform. We of course also welcome feedback on any other aspect of the specification.. We would appreciate if that feedback could be provided before the week of February 22 where our next meeting in scheduled, and no later than March 1st. If you have any comments, we prefer you submit them as Github issues: https://github.com/w3c/webrtc-pc/issues Alternatively, you can send your comments by email to public-webrtc@w3.org. Thanks, For the WebRTC co-chairs, Stefan Håkansson
Received on Monday, 1 February 2016 10:17:38 UTC