Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Adam Barth
On Thu, Mar 17, 2011 at 9:24 PM, Glenn Maynard wrote:
> On Thu, Mar 17, 2011 at 11:07 PM, Adam Barth wrote:
>>> But you get this with a per-connection (not per-packet) nonce and CTR's
>>> sequence number.  You don't need a unique 16-byte nonce for each packet.
>>
>> The attacker observes each pac

Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Glenn Maynard
On Thu, Mar 17, 2011 at 11:07 PM, Adam Barth wrote:
>> But you get this with a per-connection (not per-packet) nonce and CTR's
>> sequence number. You don't need a unique 16-byte nonce for each packet.
>
> The attacker observes each packet once delivered, so you need a new
> nonce for each packet

Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Adam Barth
On Thu, Mar 17, 2011 at 7:51 PM, Glenn Maynard wrote:
> On Thu, Mar 17, 2011 at 9:28 PM, Adam Barth wrote:
>> So, the salt and the nonce play different roles.  The salt is to make
>> sure the message appears random if you haven't read the spec (and so
>> don't know the salt).  The nonce is to pre

Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Glenn Maynard
On Thu, Mar 17, 2011 at 9:28 PM, Adam Barth wrote:
> So, the salt and the nonce play different roles. The salt is to make
> sure the message appears random if you haven't read the spec (and so
> don't know the salt). The nonce is to prevent the attacker from
> crafting plaintexts that encrypt t

Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Adam Barth
On Thu, Mar 17, 2011 at 6:21 PM, Glenn Maynard wrote:
> On Thu, Mar 17, 2011 at 8:06 PM, Adam Barth wrote:
>> The encryption serves two purposes.  First, it provides
>> confidentiality from eavesdroppers, as you appear to be aware.
>> Second, it provides a defense against cross-protocol attacks,

Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Glenn Maynard
On Thu, Mar 17, 2011 at 8:06 PM, Adam Barth wrote:
> The encryption serves two purposes. First, it provides
> confidentiality from eavesdroppers, as you appear to be aware.
> Second, it provides a defense against cross-protocol attacks, which is
> why the salt and the per-message nonce are impor

Re: [whatwg] Ongoing work on an editing commands (execCommand()) specification

2011-03-17 Thread Aryeh Gregor
On Thu, Mar 17, 2011 at 6:45 PM, Tim Down wrote:
> Is a column full of
>
> "Exception: [Exception... "Not enough arguments" nsresult: "0x80570001
> (NS_ERROR_XPC_NOT_ENOUGH_ARGS)" location: "JS frame ::
> http://aryeh.name/spec/editcommands/implementation.js :: getState ::
> line 1046" data: no]"

Re: [whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Adam Barth
Hi Glenn, The encryption serves two purposes. First, it provides confidentiality from eavesdroppers, as you appear to be aware. Second, it provides a defense against cross-protocol attacks, which is why the salt and the per-message nonce are important. Theoretically, we could just use an initial

Re: [whatwg] Ongoing work on an editing commands (execCommand()) specification

2011-03-17 Thread Ryosuke Niwa
On Thu, Mar 17, 2011 at 3:31 PM, Aryeh Gregor wrote:
> * In one case, the spec adds around a single space, while WebKit
> doesn't; I'm inclined to say this is a WebKit bug (which also occurs
> in my spec implementation as viewed in WebKit, but not Firefox, since
> WebKit mangles ranges when you a

Re: [whatwg] Ongoing work on an editing commands (execCommand()) specification

2011-03-17 Thread Tim Down
Is a column full of "Exception: [Exception... "Not enough arguments" nsresult: "0x80570001 (NS_ERROR_XPC_NOT_ENOUGH_ARGS)" location: "JS frame :: http://aryeh.name/spec/editcommands/implementation.js :: getState :: line 1046" data: no]" the expected result in Firefox 3.6.15? I'm interested in th

Re: [whatwg] Ongoing work on an editing commands (execCommand()) specification

2011-03-17 Thread Aryeh Gregor
I just rewrote the spec, and it's now both shorter and produces better results. For a quick view of the results, as compared to the browser you're currently using, you can look here: http://aryeh.name/spec/editcommands/autoimplementation.html That link isn't stable, and will change and possibly

[whatwg] PeerConnection: encryption feedback

2011-03-17 Thread Glenn Maynard
PeerConnection defines packet encryption, but it uses AES-128-CTR without actually defining the counter. It also generates a new AES key for each packet. A major point of using CTR is to not have to do that; you have a single key and vary the counter. The inputs to AES-128-CTR are a key, a count

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Philip Jägenstedt
On Thu, 17 Mar 2011 17:51:08 +0100, Olli Pettay wrote: On 03/17/2011 06:31 PM, Philip Jägenstedt wrote: On Thu, 17 Mar 2011 16:48:40 +0100, Olli Pettay wrote: On 03/17/2011 03:11 PM, Lachlan Hunt wrote: On 2011-03-16 19:29, Olli Pettay wrote: Perhaps navigator.getUserMedia("audio,video"

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Olli Pettay
On 03/17/2011 07:41 PM, Lachlan Hunt wrote: On 2011-03-17 16:48, Olli Pettay wrote: ... src property definition needs to be changed from DOMString to any. That would be strange and make API inconsistent with and for example. This is getting a bit off topic, but it would be better if they w

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Lachlan Hunt
On 2011-03-17 16:48, Olli Pettay wrote: ... src property definition needs to be changed from DOMString to any. That would be strange and make API inconsistent with and for example. This is getting a bit off topic, but it would be better if they were also modified so that authors could, ins

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Olli Pettay
On 03/17/2011 06:31 PM, Philip Jägenstedt wrote: On Thu, 17 Mar 2011 16:48:40 +0100, Olli Pettay wrote: On 03/17/2011 03:11 PM, Lachlan Hunt wrote: On 2011-03-16 19:29, Olli Pettay wrote: Perhaps navigator.getUserMedia("audio,video", success, error); could return an url to the device in the

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Philip Jägenstedt
On Thu, 17 Mar 2011 16:48:40 +0100, Olli Pettay wrote: On 03/17/2011 03:11 PM, Lachlan Hunt wrote: On 2011-03-16 19:29, Olli Pettay wrote: Perhaps navigator.getUserMedia("audio,video", success, error); could return an url to the device in the success callback, and that url could be then set

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Olli Pettay
On 03/17/2011 03:11 PM, Lachlan Hunt wrote: On 2011-03-16 19:29, Olli Pettay wrote: Perhaps navigator.getUserMedia("audio,video", success, error); could return an url to the device in the success callback, and that url could be then set to video.src. The creation of a URL is unnecessary indire

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Lachlan Hunt
On 2011-03-16 19:29, Olli Pettay wrote: Perhaps navigator.getUserMedia("audio,video", success, error); could return an url to the device in the success callback, and that url could be then set to video.src. The creation of a URL is unnecessary indirection. It's easier to avoid creating specia

[whatwg] Feedback on "Video conferencing and peer-to-peer communication"

2011-03-17 Thread Stefan Håkansson LK
All, we've done a quick read through of the updated APIs and tools for "Video conferencing and peer-to-peer communication" from the latest whatwg html draft. Generally we think it is much improved over the last version, and especially a lot of details are clarified. There are detailed comments

Re: [whatwg] Stream API Feedback

2011-03-17 Thread Lachlan Hunt
On 2011-03-17 04:22, Robert O'Callahan wrote: On Thu, Mar 17, 2011 at 4:36 AM, Lachlan Hunt wrote: I'm not entirely sure I understand your proposal, but are you suggesting that the input streams from the camera/microphone would first go to and elements, allowing the existing HTMLMediaElement AP