IETF Logo Mail Archive

Re: [rtcweb] Retransmit: Summary of Alternatives for media keying

Randell Jesup <randell1@jesup.org> Thu, 28 July 2011 22:17 UTC

Return-Path: <randell1@jesup.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A72221F885C for <rtcweb@ietfa.amsl.com>; Thu, 28 Jul 2011 15:17:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.553
X-Spam-Level:
X-Spam-Status: No, score=-2.553 tagged_above=-999 required=5 tests=[AWL=0.046, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qqObUzC8VSaN for <rtcweb@ietfa.amsl.com>; Thu, 28 Jul 2011 15:17:01 -0700 (PDT)
Received: from arthur.webserversystems.com (arthur.webserversystems.com [174.132.191.98]) by ietfa.amsl.com (Postfix) with ESMTP id CB35321F87BC for <rtcweb@ietf.org>; Thu, 28 Jul 2011 15:17:01 -0700 (PDT)
Received: from pool-98-111-140-38.phlapa.fios.verizon.net ([98.111.140.38] helo=[192.168.1.12]) by arthur.webserversystems.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <randell1@jesup.org>) id 1QmYt3-0000dZ-4q for rtcweb@ietf.org; Thu, 28 Jul 2011 17:17:01 -0500
Message-ID: <4E31DF8E.6060602@jesup.org>
Date: Thu, 28 Jul 2011 18:15:42 -0400
From: Randell Jesup <randell1@jesup.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <12BF9E55-662F-4762-9E47-2BBD3FA5FD93@acmepacket.com> <A444A0F8084434499206E78C106220CA08F1D75CF0@MCHP058A.global-ad.net> <2E6CBDE0-DA10-4792-8059-A01F554DB370@skype.net> <E1963869-9E21-4F1F-AB4A-E5D070CCA581@acmepacket.com> <55C78CA7-292C-4E0E-901B-83B7614C2F32@skype.net> <4E31DAAB.5030606@jesup.org>
In-Reply-To: <4E31DAAB.5030606@jesup.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - arthur.webserversystems.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jesup.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [rtcweb] Retransmit: Summary of Alternatives for media keying
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jul 2011 22:17:02 -0000

On 7/28/2011 5:54 PM, Randell Jesup wrote:
>> (You can also add a browser extension that uses a service that you 
>> trust but that isn't your calling service, and when you're calling 
>> other people with the same extension you can check the fingerprints 
>> in an automated way using that.)
>
> Definitely possible, and adds another largely-independent layer of trust.
>

Replying to myself with something the Mozilla team was thinking about 
(we may come
back with more on this later, after talking to the people here about 
it):  an example of an
independent layer of identity trust would be the just-announced 
BrowserID initiative:

https://browserid.org/

The plan is to move this into the browser itself.

Also see 
http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in

Perhaps the browserid data could be used to facilitate authentication of 
SAS data, for example.

-- 
Randell Jesup
randell-ietf@jesup.org

v2.23.0 | Report a Bug | By Email