Skip to toolbar

Community & Business Groups

RTC model has a low security management

A browser client can accept a RTC connection from any other client. The connection is established using a offer/answer model. It is good model surely but how can i understand if the offer contains the properties of connection i m expecting? The problem seams in particular about data channels. In SDP protocol for now  there is no information about the count/identifiers  of datachannels …. so a bad client could send a offer for 100000 datachannels  when the other peer was expecting 1 datachannel. Same problem in renegotiation of offer/answer. For my opinion it was better to introduce a more adavanced security management in the native RTC model instead to leave to develop it by  web developer.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Before you comment here, note that this forum is moderated and your IP address is sent to Akismet, the plugin we use to mitigate spam comments.

*