Encrypting without key negotiation?
- From: Dave U. Random <anonymous@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 24 Jun 2011 11:23:39 +0200 (CEST)
http://www.whatwg.org/specs/web-apps/current-work/complete/video-
conferencing-and-peer-to-peer-communication.html#stream-api
Looking at Google's new WebRTC API I was pleased to see that they're
using AES to encrypt the data stream. However, I can't find any
references to either RSA, DH or ECC for the key negotiation. It looks
like they're sending the key in cleartext over the Internet.
I hope that I'm mistaken. Could someone confirm this?
.
- Follow-Ups:
- Prev by Date: Re: CCM mode vs. HMAC
- Next by Date: Re: Encrypting without key negotiation?
- Previous by thread: CCM mode vs. HMAC
- Next by thread: Re: Encrypting without key negotiation?
- Index(es):
