Explore the security aspects of WebRTC in this comprehensive conference talk. Gain insights into the emerging web-based peer-to-peer technology, its architecture, and enabling technologies such as STUN, TURN, ICE, and DTLS-SRTP. Examine various deployment scenarios and identify basic security characteristics of WebRTC. Delve into the impact of WebRTC on the current web security model, uncovering potential weaknesses and open security challenges. Learn about the WebRTC permission model, privacy implications, and potential network attacks. Investigate endpoint authenticity, identity provisioning, and fingerprinting concerns. Analyze WebRTC weaknesses, including issues with identity providers and automatic identity assertions. Conclude with a discussion on the security consequences, web permission model, and new browser capabilities introduced by WebRTC. Benefit from resources such as WebRTC Magazine and the Client-side Web Security Handbook to further your understanding of this technology. Read more