Usernames are uniquely assigned by the server to each client for each media stream. ICE Passwords randomly generated for a group, and also assigned by the server.
I can change the flow so that the client signals the username that firefox randomly generates back to the server, but this is not better than having the server tell the client what user name and password to use. Whether the ice password is unique is not really my concern. The app flow that I want is for the server to assign ice-ufrag and ice-pwd to the client, and not the other way around. But at this point, since FF does not allow the application to assign the ufrag/pwd, and it will be many months before FF would even potentially allow it, I will have to change my application to accommodate firefox. On Wednesday, June 26, 2013 10:33:24 AM UTC-7, Eric Rescorla wrote: > On Wed, Jun 26, 2013 at 10:08 AM, <[email protected]> wrote: > > > > > My use case is client-server group conferencing, not p2p. > > > > > > Everyone has already logged into a particular room, and per-group > > > passwords are used for ICE. The fact that a client has a valid ice-ufrag > > > and the group password means that they have already been authorized. > > > > > > Can you explain more. Are the usernames and passwords not unique? > > > > > > > > > I could modify the system for separate ice passwords, but it would not > > > improve security, and would add complexity. > > > > > > > Hmm... I'm not 100% convinced this is true. See > > http://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-06#section-5.7.3 > > > > > > -Ekr _______________________________________________ dev-media mailing list [email protected] https://lists.mozilla.org/listinfo/dev-media
