Re: [webrtc-pc] Add a security/privacy note about remote SDP (#2193) from Lennart Grahl via GitHub on 2019-05-03 (public-webrtc-logs@w3.org from May 2019)

From: Lennart Grahl via GitHub <sysbot+gh@w3.org>
Date: Fri, 03 May 2019 10:54:52 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-489058130-1556880891-sysbot+gh@w3.org>

Absolutely. Lack of integrity and authentication of the exchanged SDP allows for man-in-the-middle attacks. IMO the weakest point of WebRTC in regards to its end-to-end encryption claim.

-- 
GitHub Notification of comment by lgrahl
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2193#issuecomment-489058130 using your GitHub account

Received on Friday, 3 May 2019 10:54:54 UTC