W3C home > Mailing lists > Public > public-webrtc@w3.org > June 2018

Re: Summary of e2e encryption discussions

From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Date: Sat, 23 Jun 2018 08:45:18 +0200
Message-ID: <CA+ag07a9QzyCx+WFOkRDtC_e2Q=eowiV0rPXmNuOXzK6ggo=Qw@mail.gmail.com>
To: youenn fablet <yfablet@apple.com>
Cc: WebRTC WG <public-webrtc@w3.org>
El sáb., 23 jun. 2018 2:25, youenn fablet <yfablet@apple.com> escribió:

>
>
> Le 22 juin 2018 à 2:50 AM, Sergio Garcia Murillo <
> sergio.garcia.murillo@gmail.com> a écrit :
>
> On 22/06/2018 11:19, Harald Alvestrand wrote:
>
> - Text chat is not straightforward to implement: the top-level page would need to handle the input/output of text so that the iframe has access to encrypted text data only, or some new HTML construct would be needed.
>
> A text widget with encryption + postMessage seems like a smaller thing
> to integrate in the top level than the entire WebRTC handling, though.
>
> I think text encryption should be outside of the scope of webrtc.
>
> Text chat is widely used in video-conferencing and can easily be combined
> with WebRTC in a single peer connection.
> If there is no way to make it work securely like envisioned for audio and
> video, it seems that we are missing an important part of the puzzle
>


WebRTC does not provide controls for text input,  or format and display of
chat messages, that's why I mean that it should be out of our scope.

Anyway, that is already possible (and widely used) via webcrypto. That
would solve the trusted and iframe scenarios. There is no way to solve it
for the untrusted case, except by integrating encryption in html objects
and text inputs.

Best regards
Sergio
Received on Saturday, 23 June 2018 06:45:53 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:42 UTC