On Fri, 18 Mar 2011, Glenn Maynard wrote: > > It's possible that ICE doesn't actually negotiate this securely, since > the STUN server itself is untrusted. Do you (or anyone else) know if > STUN negotiation is secure under these circumstances? Or do you think > it doesn't matter? The other ICE peer, the STUN server, the TURN server (if any), and the signaling channel are all under the control of the attacker in a worst case scenario (the user being directed to a hostile or hijacked site). The attacker essentially has perfect knowledge; the only thing we can add that the attacker doesn't know is a random number with each packet. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'Received on Friday, 18 March 2011 20:28:28 UTC
This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:31 UTC