Opened 8 years ago

#10 new defect

Additional Threats

Reported by: bernard_aboba@… Owned by: draft-ietf-rtcweb-security@…
Priority: major Milestone: milestone1
Component: security Version: 1.0
Severity: In WG Last Call Keywords:
Cc:

Description

Aside from the threats described in the document, a few others come to mind. It might be useful for the document to state explicitly why or why not these are out of scope:

  1. Live versus replayed streams. While you might have media security, this doesn't tell you whether the stream is actually originating from a device or is being replayed.
  1. Prank calling. While the document talks about permission to make calls, it doesn't mention permission to receive or blocking of unwanted calls.

Change History (0)

Note: See TracTickets for help on using tickets.