[webrtc-pc] Origin value for IdP proxy script from Soares Chen via GitHub on 2017-07-24 (public-webrtc-logs@w3.org from July 2017)

From: Soares Chen via GitHub <sysbot+gh@w3.org>
Date: Mon, 24 Jul 2017 04:26:25 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issues.opened-244969100-1500870384-sysbot+gh@w3.org>

soareschen has just created a new issue for https://github.com/w3c/webrtc-pc:

== Origin value for IdP proxy script ==
In rtcweb-security-arch section 6.4.1.  PeerConnection Origin Check:

> In order to prevent this attack, we require that all signatures be tied to a specific origin ("rtcweb://...") which cannot be produced by content JavaScript.

Does this means that in section 9.1.2 Instantiating an IdP Proxy, it should specify that the origin value inside the IdP proxy script would be using the `rtcweb://` protocol instead of `https://`?

Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/1504 using your GitHub account

Received on Monday, 24 July 2017 04:26:27 UTC