Re: [rtcweb] Consensus call regarding media security

Basil Mohamed Gohar <> Wed, 28 March 2012 21:08 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9321E21E8040 for <>; Wed, 28 Mar 2012 14:08:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.518
X-Spam-Status: No, score=-2.518 tagged_above=-999 required=5 tests=[AWL=0.081, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id qR+2QqgrFLvw for <>; Wed, 28 Mar 2012 14:08:13 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E513821E800E for <>; Wed, 28 Mar 2012 14:08:12 -0700 (PDT)
Received: from [] ( []) by (Postfix) with ESMTPSA id D275865256F for <>; Wed, 28 Mar 2012 17:08:08 -0400 (EDT)
Message-ID: <>
Date: Wed, 28 Mar 2012 17:08:03 -0400
From: Basil Mohamed Gohar <>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20111108 Fedora/3.1.16-1.fc14 Lightning/1.0b3pre Thunderbird/3.1.16
MIME-Version: 1.0
References: <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.1.2
OpenPGP: id=5AF4B362
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [rtcweb] Consensus call regarding media security
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 28 Mar 2012 21:08:13 -0000

On 03/28/2012 04:41 PM, Roman Shpount wrote:
> My main objection is that if an application developer does not take
> care to develop a secure application, nothing you can do on the
> standard side will make it a secure application. If I am building a
> public voice blog that records a voice message that anybody can listen
> to on the web site security is not needed. My assumption is that a
> fair number of applications would be like this. So for such
> applications this is an unnecessary feature.
> WebRTC will not exist in vacuum. It will communicate with other
> systems. It is not limited to old SIP devices. It can be something new
> like server side speech recognition that is integrated with web
> application. For such application extra code and interop requirements
> to support security will represent a real and significant cost. Any
> requirement, unless absolutely necessary will create barriers to entry
> for new applications. I would like to avoid as many of those as
> possible. 
> _____________
> Roman Shpount

You make a lot of good points.  However, the inverse is true as well -
namely, that is if encryption is not mandated, most implementations will
likely leave it out, and adoption of secured communications would be
stifled even longer.  I cannot speak about the implementation
difficulties, but I can speak from the user side that most people will
remain ignorant of the underlying technology and not know enough to
demand nor enable a feature if it is optional to implement and/or use.

As WebRTC is a new standard, requiring encryption will ensure that, at
least going forward, the important concept of encryption is widely
adopted correctly from the beginning.  Tacking it on later, no matter
how much it is emphasized, will be difficult or impossible.

The scope of WebRTC is broad enough to consider that we need to think
about what's best going forward with regards to its implementation. 
Security by default is one of the best practices in general, the support
from the browser community and others that are behind it will definitely
ensure that adoption is widespread enough to make it easy enough to
integrate into existing systems, as free software solutions will become
available shortly after the standard emerges.