W3C home > Mailing lists > Public > public-webrtc@w3.org > November 2018

Re: Call for adoption - use case for "Trusted application, untrusted intermediary"

From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Date: Sat, 24 Nov 2018 08:06:38 +0100
To: Nils Ohlmeier <nohlmeier@mozilla.com>
Cc: public-webrtc@w3.org
Message-ID: <3854a1a2-4010-b218-252c-991ae1494594@gmail.com>
On 24/11/2018 6:01, Nils Ohlmeier wrote:
>> On 23Nov, 2018, at 02:31, Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com> wrote:
>> Also speaking as a SFU developer, they DTLS tunneling stuff for keying is a big no.
> Why would that be a No?

Mainly, because there are alternatives that requires not to implement 
anything on the SFU and only require framemarking to be implemented. 
This has been validated and it is working on Jitsi, Janus and Medooze 
SFUs. It will add another integration point with an external server, 
which we don't have available for testing, so we will have to mock it up 
and then make tests with each new external key manager that we have to 
deploy with.

> It is probably also worth pointing out that the PERC working group has not settled yet for that being the only way to establish double encryption keys.

Rigth, but tunneling is the only mechanism specified in PERC, so I 
assume that is the keying mechanism proposed when speaking about 
accepting PERC in webrtc., I would not have any issue (in regards of the 
keying part) with setting the keys in js either on the app (for trusted 
app models) or in the identity server (for untrusted app model).

Best regards

Received on Saturday, 24 November 2018 07:03:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:45 UTC