Opened 8 years ago

#8 new defect

Section 4.3.1: PFS

Reported by: bernard_aboba@… Owned by: draft-ietf-rtcweb-security@…
Priority: major Milestone: milestone1
Component: security Version: 1.0
Severity: In WG Last Call Keywords:
Cc:

Description

It is this consideration that makes an
automatic, public key-based key exchange mechanism imperative for
RTC-Web (this is a good idea for any communications security system)
and this mechanism SHOULD provide perfect forward secrecy (PFS).

[BA] Do we mean "SHOULD support" PFS or "SHOULD use"? I don't believe that DTLS/SRTP-EKT provides PFS. Also, is there any implication that the user should be able to somehow influence whether PFS is required or not?

Change History (0)

Note: See TracTickets for help on using tickets.