"Or what we do in WebRTC, which uses a certificate that has no good
information in it?"

+1. Anxiously waiting for a response on this, as I am currently helping 
non-profit groups build a private and secure P2P Messaging System using WebRTC, 
which of course utilizes an encrypted P2P connection between two browsers (a 
centralized signaling server must be in the middle as a broker for the sessions).

The DTLS handshake performed between two WebRTC clients relies on self-signed 
certificates. As a result, the certificates themselves cannot be used to 
authenticate the peer, as there is no explicit chain of trust to verify.

Ron


From: TLS <tls-boun...@ietf.org> on behalf of 
Martin Thomson <martin.thom...@gmail.com>
Date: Friday, August 28, 2015 at 11:44 AM
To: Eric Rescorla <e...@rtfm.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Deprecate DH_anon in favor of raw public keys?

Or what we do in WebRTC, which uses a certificate that has no good
information in it?
