W3C home > Mailing lists > Public > public-webrtc@w3.org > September 2011

Re: Masking (Re: PeerConnection Data Channel)

From: Matthew Kaufman <matthew.kaufman@skype.net>
Date: Sun, 04 Sep 2011 20:52:40 -0700
Message-ID: <4E644788.9030305@skype.net>
To: Ian Hickson <ian@hixie.ch>
CC: Harald Alvestrand <harald@alvestrand.no>, Justin Uberti <juberti@google.com>, public-webrtc@w3.org 
On 9/4/2011 2:09 PM, Ian Hickson wrote:
> On Sun, 4 Sep 2011, Harald Alvestrand wrote:
>> I asked at the time whether we were going to do masking on raw audio
>> data played back from a file, since the attacker would have complete
>> control over that data too.
> We absolutely should, yes.

Why?

Websockets needs masking when encryption isn't in use because there 
might be transparent proxies in the path that are confused by the content.

I have yet to see a claim of the existence of equivalent transparent UDP 
proxies, and the ICE handshake removes the protocol spoofing issue.

Matthew Kaufman
Received on Monday, 5 September 2011 03:53:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:17:21 UTC