W3C home > Mailing lists > Public > public-webrtc@w3.org > November 2011

Identity and verifying who you're talking to

From: Harald Alvestrand <harald@alvestrand.no>
Date: Wed, 09 Nov 2011 17:55:26 +0100
Message-ID: <4EBAB07E.6020702@alvestrand.no>
To: "public-webrtc@w3.org" <public-webrtc@w3.org>
In the minutes from TPAC, there was a long section on identity: If you 
want to verify who you're talking to, what namespace are you actually 
verifying the identity against, and how is that mapped onto observable 
fields in protocols, and from there to stuff that's visible on the API?

A lot of the discussion is here:

http://www.w3.org/2011/11/01-webrtc-minutes.html#item06

I'd very much welcome if someone could pick up this action and present 
some actionable proposals for it:

- How do we verify identity without tying ourselves to one specific 
identity framework?
- What functions in our channel setup mechanism (DTLS-SRTP hashes???) do 
we use for communicating info that lets us verify the identity?
- What are the requirements for the UI that result from such a 
verification mechanism?

Volunteers?

             Harald, for the chairs
Received on Wednesday, 9 November 2011 16:56:04 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:26 UTC