Hacker News new | past | comments | ask | show | jobs | submit login

Webrtc itself requires perfect forward secrecy. While you cannot do authentication with it - you need to provide that yourself - you can be certain besides yourself and whomever your signaling server told you is your peer are the only two able to decrypt the packets going between you two.



Doesn't the server know the token id? I didn't inspect the requests, but it's possible to send the token to the server.

Therefore, can't they download the sample just like the connected client?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: