- From: Matthew Kaufman <matthew.kaufman@skype.net>
- Date: Sun, 04 Sep 2011 20:57:28 -0700
- To: Ian Hickson <ian@hixie.ch>
- CC: Harald Alvestrand <harald@alvestrand.no>, Justin Uberti <juberti@google.com>, public-webrtc@w3.org
On 9/4/2011 8:54 PM, Ian Hickson wrote: > On Sun, 4 Sep 2011, Matthew Kaufman wrote: >> On 9/4/2011 2:09 PM, Ian Hickson wrote: >>> On Sun, 4 Sep 2011, Harald Alvestrand wrote: >>>> I asked at the time whether we were going to do masking on raw audio >>>> data played back from a file, since the attacker would have complete >>>> control over that data too. >>> We absolutely should, yes. >> Why? > Defense in depth. > In this case, overkill and non-functional, both. Masking of raw audio data played over RTP wouldn't be very useful to existing RTP devices. And if we're not going to support existing RTP devices, just turn on DTLS-SRTP for everything and be done with it. Matthew Kaufman
Received on Monday, 5 September 2011 03:58:31 UTC