henbos has just created a new issue for https://github.com/w3c/webrtc-extensions: == (How) should we mitigate error code exploits? == As pointed out [here](https://github.com/w3c/webrtc-extensions/issues/52#issuecomment-784154437), error codes that help distinguish between "wrong credentials" and generic network error might help an attacker for example brute-forcing credentials. pc.onicecandidateerror is an example of this. What should we do? Please view or discuss this issue at https://github.com/w3c/webrtc-extensions/issues/70 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-configReceived on Wednesday, 24 February 2021 08:46:45 UTC
This archive was generated by hypermail 2.4.0 : Wednesday, 24 February 2021 08:46:46 UTC