The Avaya WebRTC solution uses the web intensively to make media calls from a standard web browser in the internet, into internal and secure communication premises in the enterprise.
Which statement about security between the Enterprise-edge and those standard Web browsers in the internet is true?
Validation of the authorization token.
The WebRTC Snap-in will validate the authorization token created and encrypted by the web server. If the snap-in can decrypt the token and ensure that the time stamp is valid, it knows that the incoming HTTP request is valid. The time stamp will usually be short lived; on the order of 5-10seconds to protect against reply attacks.
References: Avaya WebRTC Snap-in Reference, Release 3.1 (May 2016), page 27
https://downloads.avaya.com/css/P8/documents/101013939
Currently there are no comments in this discussion, be the first to comment!