"I don’t recall, and I don’t see anything in the notes or email consensus call, that would suggest the consensus included anything along the lines “it’s okay to let the js application have the media keys.”
[BA] The PERC framework document only mentions that the endpoint is trusted, but does not go into further detail. That detail becomes important when attempting to understand the provable security properties of PERC (e.g. what attacks are prevented, what attacks are still allowed). As an example, if the goal is not only to protect against access to cleartext media within the MDD, but also the ability of endpoints to mis-use the cleartext media (e.g. to create "deep fakes"), then it is necessary to restrict access to cleartext media within the PERC application itself (e.g. no ability to record or even modify cleartext media). That goes beyond the "no access to media keys in JS" dictum to "no access to cleartext media for any PERC application, native or Web". Once you've gone there, the distinction between the problem solved by PERC and content protection technologies begins to disappear. Keep in mind though that technologies such as EME are transport-independent - EME can be used when transporting media over the SCTP data channel, for example.
On Wed, Feb 13, 2019 at 11:16 PM Sergio Garcia Murillo <sergio.garcia.murillo@xxxxxxxxx> wrote:
El jue., 14 feb. 2019 2:01, Bernard Aboba <bernard.aboba@xxxxxxxxx> escribió:On Feb 13, 2019, at 3:47 PM, Sergio Garcia Murillo <sergio.garcia.murillo@xxxxxxxxx> wrote:[BA] In particular, reusing an SSRC for the “dominant speaker” (which can change) is a common practice with switching of audio and video going together.All SFUs I am aware of performs SSRC rewriting, it is much more than implementation convenience.
would love to see how simulcast is expected to work without ssrc rewriting (and without mid)Best regardsSergio