Comments on: Let’s Talk WebRTC Security https://bloggeek.me/webrtc-security/ The leading authority on WebRTC Mon, 06 Apr 2020 05:48:59 +0000 hourly 1 By: Tsahi Levent-Levi https://bloggeek.me/webrtc-security/#comment-116440 Sat, 05 Jan 2013 11:47:17 +0000 http://bloggeek.me/?p=1551#comment-116440 In reply to Serge Lachapelle.

Serge,

You are of course correct.

My main fascination here isn’t at the specifics of what security spec is part of WebRTC, but rather the fact that it is drastically different than other VoIP solutions in 2 ways:
1. Security is mandated – no RTP to speak of
2. The deployment model and reliance on browsers make for eaiser fixing of security flaws

]]> By: Serge Lachapelle https://bloggeek.me/webrtc-security/#comment-116439 Sat, 05 Jan 2013 11:43:55 +0000 http://bloggeek.me/?p=1551#comment-116439 WebRTC is moving to DTLS-STRP which provides authentication. The way it all ties in with ICE / STUN is very interesting and has created a lot of debates which have generated improvements at the various standard bodies.

Some push back from traditional vendors is always expected… but
1) It’s an opportunity to sell new boxes, isn’t? 🙂
2) The thing that drives the WebRTC effort is not traditional vendors, it is the web.

/Serge

]]>