A WebRTC Extension to Allow Identity Negotiation at Runtime
- First Online:
- Cite this paper as:
- Corre K., Bécot S., Barais O., Sunyé G. (2017) A WebRTC Extension to Allow Identity Negotiation at Runtime. In: Cabot J., De Virgilio R., Torlone R. (eds) Web Engineering. ICWE 2017. Lecture Notes in Computer Science, vol 10360. Springer, Cham
In this paper we describe our implementation of the WebRTC identity architecture. We adapt OpenID Connect servers to support WebRTC peer to peer authentication and detail the issues and solutions found in the process. We observe that although WebRTC allows for the exchange of identity assertion between peers, users lack feedback and control over the other party authentication. To allow identity negotiation during a WebRTC communication setup, we propose an extension to the Session Description Protocol. Our implementation demonstrates current limitations with respect to the current WebRTC specification.