Re: Identity and verifying who you're talking to

On 11/10/2011 06:34 AM, Eric Rescorla wrote:
> I've been thinking about this a bunch and I'm happy to volunteer, as
> long as you're
> OK with it being someone who's not a WG member.

Thank you!
Mahalingam Mani already organized a workshop on this at TPAC on 
Wednesday (that day was done "unconference" styile), and has volunteered 
to take the lead as a WG member. I'm sure you can work on this together.
> -Ekr
>
>
> On Wed, Nov 9, 2011 at 8:55 AM, Harald Alvestrand<harald@alvestrand.no>  wrote:
>> In the minutes from TPAC, there was a long section on identity: If you want
>> to verify who you're talking to, what namespace are you actually verifying
>> the identity against, and how is that mapped onto observable fields in
>> protocols, and from there to stuff that's visible on the API?
>>
>> A lot of the discussion is here:
>>
>> http://www.w3.org/2011/11/01-webrtc-minutes.html#item06
>>
>> I'd very much welcome if someone could pick up this action and present some
>> actionable proposals for it:
>>
>> - How do we verify identity without tying ourselves to one specific identity
>> framework?
>> - What functions in our channel setup mechanism (DTLS-SRTP hashes???) do we
>> use for communicating info that lets us verify the identity?
>> - What are the requirements for the UI that result from such a verification
>> mechanism?
>>
>> Volunteers?
>>
>>             Harald, for the chairs
>>
>>
>>
>>
>

Received on Thursday, 10 November 2011 09:57:59 UTC