[rtcweb] IP handling text
Ted Hardie <ted.ietf@gmail.com> Fri, 08 April 2016 17:54 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E01A912D4FE for <rtcweb@ietfa.amsl.com>; Fri, 8 Apr 2016 10:54:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nldqX166OJSy for <rtcweb@ietfa.amsl.com>; Fri, 8 Apr 2016 10:54:35 -0700 (PDT)
Received: from mail-oi0-x236.google.com (mail-oi0-x236.google.com [IPv6:2607:f8b0:4003:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1E6212D0EA for <rtcweb@ietf.org>; Fri, 8 Apr 2016 10:54:34 -0700 (PDT)
Received: by mail-oi0-x236.google.com with SMTP id y204so144653435oie.3 for <rtcweb@ietf.org>; Fri, 08 Apr 2016 10:54:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=H9yMaDwIqW65x9wTGop7afBQqIShHeELh+iibx+Vp78=; b=Dw5t3V+6oEpl4ewljcsRmIbS59CO8M2HfL05Gni4pYEsIgH0LguAL5yzyVt3XlLzi3 kAZ/JBzqdmCh4mYPO82mImz4ytnY7v4WLHE1EU0qKqKiRlT7hskqr2gPwWbRgIRoBgMd NCd+nr3VGeS8JuB9ZPpC3wIWT+h/SZKRrnmJHJFONC3IcxwBNe0BNur7dc4iBYoo16vh wdqn5ZUsuSZdbN3Ez5/9m+7WkXlGCXS+koYEjYP9DTEnGoJLQGA+s08mskQM0UtoPkBh M1T9+fb2TNy0ob5nUGd5fsdewpREcwsAX3AfgCxit9zDSosq2DZFwkq8JDiHgNsmQPu1 RW1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=H9yMaDwIqW65x9wTGop7afBQqIShHeELh+iibx+Vp78=; b=QGuC5ppzPEyxQLxdsszuZdzX4mBxR3+Tq5/ZMEX0OLBBehOjTJzrLSnJhKyAsxqckR VerfVSJlU+iC4FcO5hBFAw+c6POM8y5W/XvI/Y/ARcM+EawBu9BmmCmBsYg6hEfVWadQ xALwGSBRf7MO3nFJ5VGHKSTsv5SYTuwZO7Iz8zljHncYUuPoxvsguqKWtMEX7apkIj/v UH70YpIQzvMvV1AXdSFOBWvPi1I2ZdGLiUYGTc0rsEufJv2AzCsefMQaqbvsNvkm4l+b UPEpt+R67B8OmzLUhMYTDbmXn8+VrA0jgxydsFrYdJbWzioL5+16I9HzXSiHVGo5DoNm UB2w==
X-Gm-Message-State: AD7BkJIG2pdCQZKbx4d53FAc8ZMZLKAI9U9P2sEx2/c+OOZyV/B3MI9oz2zaaPL/lwQnYUfF8w2X8I80/qj0/Q==
X-Received: by 10.202.169.212 with SMTP id s203mr4378869oie.35.1460138074323; Fri, 08 Apr 2016 10:54:34 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.22.156 with HTTP; Fri, 8 Apr 2016 10:54:14 -0700 (PDT)
From: Ted Hardie <ted.ietf@gmail.com>
Date: Fri, 08 Apr 2016 14:54:14 -0300
Message-ID: <CA+9kkMAGPVedzWOf06v+daPU-UpwmB7=7ceRZ8TfUbk=gFzd4g@mail.gmail.com>
To: "rtcweb@ietf.org" <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="001a113ce79e3e422d052ffce334"
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/8X6XvGWoF2qKkGHVL-ot26Tb7qw>
Subject: [rtcweb] IP handling text
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Apr 2016 17:54:37 -0000
Sorry that we were not able to get to the slides on this during the WG meeting. Here's the proposal from Justin, taken for the slides he prepared. Original text: WebRTC incorporates an explicit permission grant for access to local audio and video, which are typically much more sensitive than the aforementioned IP address information. If the user has consented to media access, this should also allow WebRTC to gather all possible candidates and determine the absolute best route for media traffic. Proposed replacement: Gathering all possible candidates SHOULD only be performed upon user consent, which thwarts the typical drive-by enumeration attacks. The details of this consent are left to the implementation; one potential mechanism is to key this off getUserMedia consent. The getUserMedia suggestion takes into account that the user has provided some consent to the application already; that when doing so the user typically wants to engage in a conversational session, which benefits most from an optimal network path, and lastly, the fact that the underlying issue is complex and difficult to explain, making explicit consent for enumeration troublesome.
- [rtcweb] IP handling text Ted Hardie
- [rtcweb] IP handling text Martin Thomson