W3C home > Mailing lists > Public > public-webrtc@w3.org > January 2015

Re: Move forward with Key control APIs

From: Cullen Jennings (fluffy) <fluffy@cisco.com>
Date: Thu, 15 Jan 2015 18:50:13 +0000
To: Martin Thomson <martin.thomson@gmail.com>
CC: Stefan HÃ¥kansson <stefan.lk.hakansson@ericsson.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>
Message-ID: <8756E782-6ACA-47A9-A4A0-5149B783D64F@cisco.com>

In the future as we move forward with browser support access local hardware trust stores, we need to be able to use those. 

> On Jan 12, 2015, at 4:53 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> On 12 January 2015 at 06:10, Stefan HÃ¥kansson LK
> <stefan.lk.hakansson@ericsson.com> wrote:
>> #1. Anonymous calling: the correspondent doesn't care who the other side
>> is, so no identification is needed.
>> #2. Identified calling: there's some chain of evidence linking the
>> crypto keys used for the call to some mutually-known identity (probably
>> via an identity provider).
> This is separate to, and separable from, the identity work.  It's
> mostly useful in the absence of identity, though it can have some
> limitation application when identity is involved.
> With Tim's example, key continuity provides pseudonymous
> identification of a peer.  However useful this is in some cases,
> linkability of this sort is a real liability when it comes to
> anonymous calling.
> Thus the proposal, which is to have every PeerConnection instance use
> new credentials unless an application overrides that.  That partly
> assumes we can agree to mandate ECDSA rather than RSA due to the cost
> of RSA key generation on limited clients.  I think that Justin
> currently has the token on that part of the issue.
> I don't think that there is any more to it than that.  Richard and
> Ryan seem to be arguing more over the interpretation of this basic
> requirement.  I don't see any evidence of a lack of understanding
> there, more a disagreement over how to interpret and address it.
> My suggestion is that you tell the interested parties to sort it out
> between themselves and come back with a recommendation to the group.
> I'm happy to translate any conclusion they make into a pull request.

Received on Thursday, 15 January 2015 18:50:42 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:42 UTC