WebRTC Security

I wrote a video chat app based on WebRTC: brie.fi/ng. Until getting a lot of feedback on HackerNews I was under the impression everything was safe and end-to-end encrypted (e2ee).

Signal Server

Before peers can communicate they need to first get connected. A simple WebSocket based server app is doing that for Briefing by advertising other peers being in the same "room". They can the exchange the SDP to actually open the WebRTC session between two peers.