Re: Suggested resolution of Issue 849: Specify an AllowUnverifiedMedia RTCConfiguration property

I am available both Wednesday and Friday next week as well.

I think with recent standards requiring security and consent to send data
we need to think long and hard about ignoring peer authentication even
temporarily. I think solutions can be designed in such a way that they are
both secure and do not require temporary unverified media.

Regards,
_____________
Roman Shpount

On Wed, May 3, 2017 at 10:32 PM, Martin Thomson <martin.thomson@gmail.com>
wrote:

> On 4 May 2017 at 12:26, Cullen Jennings (fluffy) <fluffy@cisco.com> wrote:
> > Hmm .. not sure that is the case depending on what you assume about
> security of signaling.
>
> The standard assumption: it's not confidential, but it has integrity.
> That is, it contains a true representation of the offer and answer
> generated by the parties that are supposed to be in the call.
>
> > I am totally fine with no security till you get the answer
>
> That helps.  And I fully appreciate how much of a big deal the
> underlying use case is.  But let's chat.
>

Received on Thursday, 4 May 2017 04:47:26 UTC