W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > May 2019

Re: [webrtc-pc] Add a security/privacy note about remote SDP (#2193)

From: Lennart Grahl via GitHub <sysbot+gh@w3.org>
Date: Fri, 03 May 2019 10:54:52 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-489058130-1556880891-sysbot+gh@w3.org>
Absolutely. Lack of integrity and authentication of the exchanged SDP allows for man-in-the-middle attacks. IMO the weakest point of WebRTC in regards to its end-to-end encryption claim.

-- 
GitHub Notification of comment by lgrahl
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2193#issuecomment-489058130 using your GitHub account
Received on Friday, 3 May 2019 10:54:54 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 6 May 2023 21:19:47 UTC