undefined | Better HN

0 pointshowtofly9mo ago0 comments

Should users trust the signaling server? IIRC, the signaling server can easily intervene SDP offer/answer so that it can intercept user files or instruct users to send files wherever it wants.

0 comments

goodpanda9mo ago

Oh I see what you are saying. Yeah I guess if we didn't know what the signalling server was doing, that would be a valid argument. But in my case we can see the server code is pure and simple. Unless you mean there's a bug that allows an attacker to do that?

Either way, would love to know your thoughts on improving trust with this.

j / k navigate · click thread line to collapse

0 pointshowtofly9mo ago0 comments

Should users trust the signaling server? IIRC, the signaling server can easily intervene SDP offer/answer so that it can intercept user files or instruct users to send files wherever it wants.

0 comments

goodpanda9mo ago

Either way, would love to know your thoughts on improving trust with this.

j / k navigate · click thread line to collapse