On 9/4/2011 2:09 PM, Ian Hickson wrote: > On Sun, 4 Sep 2011, Harald Alvestrand wrote: >> I asked at the time whether we were going to do masking on raw audio >> data played back from a file, since the attacker would have complete >> control over that data too. > We absolutely should, yes. Why? Websockets needs masking when encryption isn't in use because there might be transparent proxies in the path that are confused by the content. I have yet to see a claim of the existence of equivalent transparent UDP proxies, and the ICE handshake removes the protocol spoofing issue. Matthew KaufmanReceived on Monday, 5 September 2011 03:53:54 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:17:21 UTC