IETF Logo Mail Archive

Re: [rtcweb] Please require user consent for data channels

Iñaki Baz Castillo <ibc@aliax.net> Fri, 17 July 2015 23:35 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F7011A92DD for <rtcweb@ietfa.amsl.com>; Fri, 17 Jul 2015 16:35:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.678
X-Spam-Level:
X-Spam-Status: No, score=-1.678 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J_KO2DTiOugN for <rtcweb@ietfa.amsl.com>; Fri, 17 Jul 2015 16:35:13 -0700 (PDT)
Received: from mail-yk0-f171.google.com (mail-yk0-f171.google.com [209.85.160.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E0F861A8A65 for <rtcweb@ietf.org>; Fri, 17 Jul 2015 16:35:12 -0700 (PDT)
Received: by ykay190 with SMTP id y190so101558031yka.3 for <rtcweb@ietf.org>; Fri, 17 Jul 2015 16:35:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding; bh=7y6MIOB9m7CJX5j7NFtEVvYGXVclacBBC7mGK8ap75g=; b=hXr9oB5U4Roci+aCBYVr2WV1gOp6g6SqHlJTC5ZDc9IviaSr6aADwKDgNF2YocsTwP 2FqW/1ArfkC1r4z2DjI7F+qncHCfEq3oRWYO1CjSwNzNf8rxfpsLnB/znp6JAe3O7CG5 EvHsB+XeWtdYsXIfxQbo+x7ts+w4YGJieZ3QUUFPZ5ooxzsjpsBF4Hb+lt6fRqauqARG VDGeMdX8qZZExL6E52MOPNyOXCz8LHFGVRgEp+MHfGkTIpJzwmPD9+gEFT3zC50VQy7y 1jPK1KYvblUFhMYIs+atnpv3I7ZL94XiSkRJqpSEK12ORyG2kVHtMPfMiasrj4+VXc5m mwDg==
X-Gm-Message-State: ALoCoQl7co8JOl/M0pyl8GNVuhokuGUApRVw9rhERYfAZyN5BrY8JIJqskFiAEL5LbQ7v4UEQNhn
X-Received: by 10.13.255.2 with SMTP id p2mr843939ywf.149.1437176112257; Fri, 17 Jul 2015 16:35:12 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.215.206 with HTTP; Fri, 17 Jul 2015 16:34:52 -0700 (PDT)
In-Reply-To: <CAOJ7v-3LGd32rnpFVW_U0s3+iVaJXsL4vt_YAo=cyp6YyOArdw@mail.gmail.com>
References: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com> <CAOJ7v-0UBGtP0-atxP7X4OTj-H6Lost5o42aAS65mA6CEqcQsw@mail.gmail.com> <CA+65OsrhXHK+cRAFLCZFt+34vr8eRhj+CN3DgznUBfSwmWYggw@mail.gmail.com> <CAOJ7v-24VCW6kkn7LOLkqZzhYEU0r=nmd_F7Zns1rnyqKN6xAg@mail.gmail.com> <55A95364.2070806@gmail.com> <CAOJ7v-3t9BQabR2e4EHs4G0Sec4sU9DFC2aiSXXYrat+an+RYg@mail.gmail.com> <55A96DA3.1040907@gmail.com> <CAOJ7v-1ui7349NzK6NZNRHPbnHWZajctk4cDgMKqRZSv47EYdA@mail.gmail.com> <55A9860D.8030903@gmail.com> <CAOJ7v-3LGd32rnpFVW_U0s3+iVaJXsL4vt_YAo=cyp6YyOArdw@mail.gmail.com>
From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Sat, 18 Jul 2015 01:34:52 +0200
Message-ID: <CALiegfmiS18Jux-kCgOhTKKiyGtMertj6xCegpFrox5NOf9EJg@mail.gmail.com>
To: Justin Uberti <juberti@google.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/65TIdxYB7BZ8pd1WxVCob6g-XAc>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Please require user consent for data channels
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jul 2015 23:35:15 -0000

2015-07-18 1:09 GMT+02:00 Justin Uberti <juberti@google.com>:
> It is pretty clear from the diagram on page 10 that for each host candidate
> X:x, the agent will gather a srflx candidate X1':x1' and relay candidate
> Y:y. This is also spelled out in the text underneath the diagram:
>
>    When the agent sends the TURN Allocate request from IP address and
>    port X:x, the NAT (assuming there is one) will create a binding
>    X1':x1', mapping this server reflexive candidate to the host
>    candidate X:x.
>
> Ergo, one tries to gather srflx and relay candidates for each host candidate
> X:x.

That's not what I understand.

What I understand is that the browser should bind on 0.0.0.0 (or ::0)
and send the STUN/TURN request, and the underlying OS would decide the
proper interface and source IP. So probably just one or two (IPv4 and
IPv6) STUN/TURN attempts would be performed during the gathering, and
when *that* happens the quoted text above applies (being X the IP of
the candidate matching the source IP chosen by the OS to route the
STUN/TURN request).

Said that, and omitting the above confusing text: what is the purpose
of sending STUN/TURN requests over all the interfaces? How is that
good at all? AFAIK in most cases that will just mean timeouts waiting
for STUN responses (which is bad if trickle ICE is not being used).

To be even more clear: STUN/TURN servers are typically in the public
Internet, although they may also be placed in local networks. Anyhow,
computers within that network have a single and already configured
route to reach the STUN/TURN server (usually the default route).
Sending STUN/TURN requests from other interfaces will just fail.


-- 
Iñaki Baz Castillo
<ibc@aliax.net>

v2.23.0 | Report a Bug | By Email