W3C home > Mailing lists > Public > public-webrtc@w3.org > July 2017

[webrtc-pc] Origin value for IdP proxy script

From: Soares Chen via GitHub <sysbot+gh@w3.org>
Date: Mon, 24 Jul 2017 04:26:26 +0000
To: public-webrtc@w3.org
Message-ID: <issues.opened-244969100-1500870384-sysbot+gh@w3.org>
soareschen has just created a new issue for https://github.com/w3c/webrtc-pc:

== Origin value for IdP proxy script ==
In rtcweb-security-arch section 6.4.1.  PeerConnection Origin Check:

> In order to prevent this attack, we require that all signatures be tied to a specific origin ("rtcweb://...") which cannot be produced by content JavaScript.

Does this means that in section 9.1.2 Instantiating an IdP Proxy, it should specify that the origin value inside the IdP proxy script would be using the `rtcweb://` protocol instead of `https://`?

Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/1504 using your GitHub account
Received on Monday, 24 July 2017 04:26:27 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:51 UTC