Overview
Syllabus
Introduction
Agenda
What is WebRTC
Peertopeer browser communication
WebRTC architecture
Communication protocols
Session description protocol
Networking
Identity provisioning
Questions
General Observations
WebRTC Permission Model
Do you want to be involved
Two packs of privacy
What happens if you eavesdrop
Network attacker
DTLS
Maninthemiddle
Clone video
Endpoint authenticity
Identity provider
Fingerprinting
IP addresses
WebRTC weaknesses
Identity providers
Automatic identities assertions
Automatic identities assertion attack
Wrapup
Security consequences
Web permission model
Webpart authentication
New browser capabilities
Resources
WebRTC Magazine
Clientside Web Security Handbook
Any questions
Taught by
Devoxx