I am currently building a real time video chat healthcare app with opentok api, whose technology is largely built on WebRTC and would like to know how the overall security-aspect is handled.
Asked
Active
Viewed 3,602 times
1 Answers
9
In short, yes. All WebRTC media streams are encrypted.
Since WebRTC is a working spec, here is what I currently know as of July 8, 2013.
All webRTC streams are encrypted with 128-bit AES. Whether that is sufficient for HIPAA compliance or satisfy other health and technology requirements would require more research and knowledge about healthcare.
For an updated documentation about security for WebRTC I would look at IETF docs.
http://www.ietf.org/rfc/rfc3711.txt
http://www.ietf.org/rfc/rfc5764.txt
Here is the proposed security architecture: http://www.ietf.org/proceedings/82/slides/rtcweb-13.pdf
songz
- 2,072
- 1
- 13
- 18
-
I'm more concerned about how safe this is against the NSA and CSEC (in Canada) – Feb 01 '14 at 14:45
-
I'm not sure how CSEC works but as Edward Snowden heroically revealed, what NSA wants NSA gets. I don't think anything is 100% safe from NSA. – songz Feb 04 '14 at 00:02