W3C home > Mailing lists > Public > public-webrtc@w3.org > March 2017

Re: Identity mechanism at risk?

From: westhawk <thp@westhawk.co.uk>
Date: Fri, 17 Mar 2017 08:51:14 +0000
Message-Id: <A7C2A9B7-4FC0-4A2A-A49B-A1D4D8D6EF13@westhawk.co.uk>
Cc: Dominique Hazaƫl-Massieux <dom@w3.org>, "public-webrtc@w3.org" <public-webrtc@w3.org>
To: Cullen Jennings <fluffy@iii.ca>

> On 17 Mar 2017, at 02:35, Cullen Jennings <fluffy@iii.ca> wrote:
> 
> 
> The security of WebRTC is very weak without this, 

That is an overstatement of the situation in my view.

There are several services that address the MiTM risks by adding their own
identity validation mechanisms which in turn verify the DTLS fingerprint. 

One example is wire.com : https://medium.com/wire-news/the-road-to-a-more-private-and-secure-calling-protocol-a8f22d23f112 <https://medium.com/wire-news/the-road-to-a-more-private-and-secure-calling-protocol-a8f22d23f112>
Or Matrix.org <http://matrix.org/> 
Or https://tools.ietf.org/html/draft-johnston-rtcweb-zrtp-02 <https://tools.ietf.org/html/draft-johnston-rtcweb-zrtp-02>

All of these use cryptography in Javascript to validate the identity of a webRTC caller and detect MiTM.
The limitation is that to work both parties need to be loading the same javascript, probably from the same site. 

What the identity provider draft brings is a standard mechanism - implemented inside the browser - which
would allow the decoupling of the identity from the calling site - it also allows calls between 2 different web properties to 
be verified. 

This additional feature is a very-nice-to-have -but not essential - certainly not enough to justify delaying the
rest of the standardisation process while we wait for it.
 

Tim.
Received on Friday, 17 March 2017 08:51:49 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:50 UTC