[liberationtech] WebRTC - voice authentication to the rescue
ShootAKite at riseup.net
ShootAKite at riseup.net
Thu Jan 23 13:04:34 PST 2014
All WebRTC needs to be as secure as a service like ostel.me is a browser extension implementing ZRTP authentication between you and the callee. This approach does not rely on PKI and does not need a server in between caller and callee.
Also the ZRTP authentication string some of you are seeing today in WebRTC is not end-to-end ZRTP it is only the ZRTP fingerprint between the SIP server and a ZRTP compatable SIP client like CSipSimple.
Make sense?
A
-------- Original Message --------
From: Al Billings <albill at openbuddha.com>
Sent: Thu Jan 23 14:12:46 CST 2014
To: liberationtech <liberationtech at mailman.stanford.edu>
Subject: Re: [liberationtech] WebRTC - voice authentication to the rescue
"One of the interesting aspects of WebRTC is that it has encryption baked right into it; there's actually no way to send unencrypted media using a WebRTC implementation. The developing specifications currently use DTLS-SRTP keying[1], and that's what both Chrome and Firefox implement.”
http://sporadicdispatches.blogspot.com/2013/06/webrtc-security-and-confidentiality.html
------------------------------------------------------------------------
--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.
More information about the liberationtech
mailing list