W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > May 2019

[webrtc-pc] Add a security/privacy note about remote SDP (#2193)

From: henbos via GitHub <sysbot+gh@w3.org>
Date: Fri, 03 May 2019 10:41:44 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issues.opened-439989590-1556880103-sysbot+gh@w3.org>
henbos has just created a new issue for https://github.com/w3c/webrtc-pc:

== Add a security/privacy note about remote SDP ==
The spec guards against malformed SDP and SDP that violates the spec, but it does not do anything to guarantee that you get the SDP that you expected.

For example, you might offer sendrecv and assume that if the remote endpoint accepts your offer, they will answer with sendrecv. An application that is not prepared for one-way media might be surprised about this.

This is more of a note to users of the APIs than to the browser implementers. Does a security/note in the "Privacy and Security Considerations" section make sense?

Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2193 using your GitHub account
Received on Friday, 3 May 2019 10:41:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:22:23 UTC