[liberationtech] From Snowden's email provider. NSL??? (Recipe for Secure Audio, Video, Chat, File Transfer)
Joseph Lorenzo Hall
joe at cdt.org
Fri Aug 9 07:07:29 PDT 2013
On Fri Aug 9 09:42:49 2013, Fabio Pietrosanti (naif) wrote:
> To be true, i invested 4 weeks of trolling on IETF WebRTC mailing list
> sustaining the need to support "also SDES" in order to provide
> interoperability with existing VoIP world from day 1.
::) I think I'm solidly with EKR on this... and this is a valuable 15
minute presentation on the "no SDES" argument:
http://recordings.conf.meetecho.com/Recordings/watch.jsp?recording=IETF87_RTCWEB&chapter=part_4
> When i unsubscribed from the DTLS-SRTP mailing, the WebRTC standard was
> WITH "end-to-end" encryption but WITHOUT end-to-end-authentication
> (relying on the server to provide authentication means for user
> fingerprint, de-facto allowing MITM).
>
> Which is the current status for fingerprint verification of DTLS-SRTP
> calls? Does it still rely on server?
Alas, I have lost track of this... maybe someone else close to how it's
evolved can chime in? best, Joe
--
Joseph Lorenzo Hall
Senior Staff Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe at cdt.org
PGP: https://josephhall.org/gpg-key
fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8
More information about the liberationtech
mailing list