top | item 44176012

(no title)

ebfe1 | 9 months ago

I don't see mentioning of e2e encryption, that would be nice but I love the webrtc usage here!

Shameless plug: I built small file sharing tool with encryption in browser and added a "tunnel" feature to make it easier for sharing between personal devices : https://www.relaysecret.com/tunnel/

The aes256 key is derived from hashing the tunnel name but never sent back to backend as it is behind anchor tag and the tunnel name is derived from substring of this hash. It is quite fun to use and share files. The file never lives more than 10 days (bucket lifecycle) but user can reduce this to delete upon download and the code can easily be reviewed (back end is a single lambda function to generate signed url):)

discuss

lxgr|9 months ago

WebRTC connections are inherently end-to-end encrypted.

They use a self-signed certificate for DTLS-SRTP, and the fingerprint of that is sent over the signalling channel.