Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handling
T H Panton <thp@westhawk.co.uk> Sun, 01 April 2018 11:32 UTC
Return-Path: <thp@westhawk.co.uk>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AFAF124207 for <rtcweb@ietfa.amsl.com>; Sun, 1 Apr 2018 04:32:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r2XzfEgUh04l for <rtcweb@ietfa.amsl.com>; Sun, 1 Apr 2018 04:32:42 -0700 (PDT)
Received: from smtp001.apm-internet.net (smtp001.apm-internet.net [85.119.248.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFC5112025C for <rtcweb@ietf.org>; Sun, 1 Apr 2018 04:32:41 -0700 (PDT)
Received: (qmail 21863 invoked from network); 1 Apr 2018 11:32:39 -0000
X-APM-Authkey: 255286/0(159927/0) 100
Received: from unknown (HELO zimbra003.verygoodemail.com) (85.119.248.218) by smtp001.apm-internet.net with SMTP; 1 Apr 2018 11:32:39 -0000
Received: from localhost (localhost [127.0.0.1]) by zimbra003.verygoodemail.com (Postfix) with ESMTP id EFF7818A0E46 for <rtcweb@ietf.org>; Sun, 1 Apr 2018 12:32:38 +0100 (BST)
Received: from zimbra003.verygoodemail.com ([127.0.0.1]) by localhost (zimbra003.verygoodemail.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 9O3xzzr159CJ for <rtcweb@ietf.org>; Sun, 1 Apr 2018 12:32:38 +0100 (BST)
Received: from [192.67.4.33] (unknown [192.67.4.33]) by zimbra003.verygoodemail.com (Postfix) with ESMTPSA id CA3C518A01CB for <rtcweb@ietf.org>; Sun, 1 Apr 2018 12:32:38 +0100 (BST)
From: T H Panton <thp@westhawk.co.uk>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Date: Sun, 01 Apr 2018 12:32:37 +0100
References: <1D5B431C-801E-4F8C-8026-6BCBB72FF478@sn3rd.com> <63282b84-4493-3fcb-a95f-4afe17d96bb6@cs.tcd.ie> <CAOJ7v-1gTq+EEjb+-q-T-pABBW--rpNGegoj_d2_7f7AKGksCA@mail.gmail.com> <403713b4-31d4-9085-d639-d3f60935ed5a@cs.tcd.ie> <CAOJ7v-0ED-FK=JmSxBJYfM=PCdgY6kmbiq6aFLcP7OXugG07EA@mail.gmail.com> <e6938f7d-542d-736b-0a3d-9269d7dd06e5@cs.tcd.ie> <CAOW+2dv1ORz2tEkgDTvdM1DtgyOdgXqKU30T4QhLAp1NT+rirg@mail.gmail.com> <CAOJ7v-0tCcg3FdzyfSJ6Y3JaH-TivFf-Sey6+tD8BANJKsjqtQ@mail.gmail.com> <1fceb3c4-35f3-34f7-de1d-79d5805e6d22@gmail.com> <9517D601-D3E8-46E1-94E5-7EC29FD6319B@sn3rd.com> <b5d323ac-2205-2aee-05c9-f270e80215f5@gmail.com> <CAOJ7v-0+hr-NddbLCwgjkfyEFEzoLYW8BcE5OYZ+HUiqDRnarg@mail.gmail.com> <0dee004d-159a-a9be-a0b8-ecbfd4204d72@gmail.com> <03D3C806-B93F-4CD0-B57B-507B07E869A0@westhawk.co.uk>
To: RTCWeb IETF <rtcweb@ietf.org>
In-Reply-To: <03D3C806-B93F-4CD0-B57B-507B07E869A0@westhawk.co.uk>
Message-Id: <540AF425-A798-41BB-8C22-9F697DF46117@westhawk.co.uk>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/Hue64lUdAdJ4Aym8nDrRnjsPn8s>
Subject: Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handling
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Apr 2018 11:32:46 -0000
Concretely could we adjust : " Mode 1 MUST only be used when user consent has been provided. The details of this consent are left to the implementation; one potential mechanism is to tie this consent to getUserMedia consent." to: " Mode 1 MUST only be used when a user's informed consent has been provided. The details of this consent are left to the implementation; one potential mechanism is to tie this consent to one of the the existing getUserMedia/location-access consents. Alternatively implementations can provide a separate mechanism to obtain user consent" - I'm no GDPR specialist, but I think adding 'informed' above may be wise. Likewise I believe even the non-normative language should be clearer about the possible implementation choices. Tim. > On 1 Apr 2018, at 01:12, westhawk <thp@westhawk.co.uk> wrote: > > GuM permission is the wrong trust measure here. > > So for example, If I use webRTC to get a realtime feed from a webcam/ baby monitor > then I won’t use GuM, all my recv_only video traffic will go via a TURN server > even if I’m on the same Wifi ? > > Likewise if I use webRTC DC to control my lighting, I get extra latency because > I don’t need GuM? > > (Both of these are real projects). > > My current workaround is to use the camera to scan a QR and piggyback off > that permission. (Which is crazy). > > The IP address reveal is unrelated to the UserMedia. > It is a ‘Trust/location' issue. > > Also - if GuM permission was granted for this origin, does this mean that > subsequent page loads that _don’t_ request GuM don’t get local candidates > even if they would get GuM if they asked for it? > (i.e. if I’ve once scanned a QR on this domain, do I always reveal my local/public IPs?) > > Try explaining the logic of any of that to anyone outside this group…. > > Tim. > >> On 1 Apr 2018, at 00:47, Lennart Grahl <lennart.grahl@gmail.com> wrote: >> >> On 01.04.2018 00:26, Justin Uberti wrote: >>> As stated before, this is not a problem unique to web browsers. That is, by >>> installing a mobile application, you implicitly allow it to use all of your >>> network interfaces. As such, trying to design browser mechanisms for >>> networking consent seems like misdirected effort. >> >> First of all, that comparison doesn't really work for me since an app is >> much less of a sandbox. So, I personally do not trust arbitrary websites >> but I do trust apps that I install (or I just don't install them, or I >> partially trust them and revoke some of the permissions they have). >> >> It's all about expectations: WebRTC networking is special - it does >> networking entirely different to what people were accustomed to in >> browsers. Which is probably why people are so irritated when they learn >> that it leaks IPs even though they've set a proxy or a VPN. And along >> with the argument that gUM just does not work for a bunch of use cases, >> that is the rationale for my suggestion towards a networking "consent" >> mechanism. With that mechanism in place the user has a voice, we cover >> more use cases, browsers can ship stricter modes by default without >> breaking everything we love about peer-to-peer connections and privacy >> extensions might consider dropping WebRTC from their blacklist. I >> honestly do not see this as being terribly misguided. >> >>> Perhaps the key issue here is the word 'consent'. If we replaced this with >>> some notion of 'trust', i.e., that the user has specifically engaged with >>> this app with the intent of having a communications session, maybe that >>> provides a way out, as one can easily claim that installed mobile >>> applications and web apps with gUM rights are 'trusted'. >> >> I'm sorry but I don't really see the difference. gUM requests a >> permission to access your camera and your microphone and then assumes >> you're "trusting" the page for something different as well. >> >>> >>> On Sat, Mar 31, 2018 at 3:18 AM Lennart Grahl <lennart.grahl@gmail.com> >>> wrote: >>> >>>> I really don't have a good suggestion other than being completely >>>> honest: "Hey user, I want to establish a direct connection - is that >>>> okay for you? Oh, and here is a help page that will tell you what impact >>>> this may have on your privacy..." >>>> >>>> These permission requests don't have to be mutually exclusive either. >>>> The above request could also be embedded inside the permission request >>>> for getUserMedia to avoid multiple requests: >>>> >>>> Camera to share: >>>> [WebCam 3000 |v] >>>> :WebCam 3000 : >>>> :WebCam 4000 : >>>> >>>> Direct connection: (?) <-- "help" button >>>> [No (Default) |v] >>>> :Yes : >>>> :Yes, but hide private addresses : >>>> :No (Default) : >>>> :No, and force using a proxy : >>>> >>>> [x] Remember the decision for this page >>>> >>>> [Don't allow] [Allow] >>>> >>>> Cheers >>>> Lennart >>>> >>>> On 31.03.2018 00:12, Sean Turner wrote: >>>>> >>>>> >>>>>> On Mar 29, 2018, at 23:48, Lennart Grahl <lennart.grahl@gmail.com> >>>> wrote: >>>>>> >>>>>> I'm fine with the modes, I don't have a strong opinion on whether or not >>>>>> an IETF document should include some form of "consent". But I do have a >>>>>> problem with the suggestion to use getUserMedia. Can we maybe remove it? >>>>> >>>>> As the draft shepherd, I’m trying to figure out how to draw this WGLC to >>>> a close all in the hopes that we can help each other get this RTCweb WG >>>> ship docked. >>>>> >>>>> As far as dropping the getUserMedia suggestion, I’m a little hesitant to >>>> just drop it at this late date. That suggestion has been in the draft >>>> since October 2016 and it’s stood the test of a couple of WG reviews; not >>>> last calls mind you but there’s been plenty of time for folks to say get >>>> that outta there. And technically, it’s just a suggestion with no >>>> normative language. So … maybe a happy middle ground is to have another >>>> suggestion so that there’s more than one potential mechanism? >>>>> >>>>> spt >>>>> >>>> >>> >> >> _______________________________________________ >> rtcweb mailing list >> rtcweb@ietf.org >> https://www.ietf.org/mailman/listinfo/rtcweb > > _______________________________________________ > rtcweb mailing list > rtcweb@ietf.org > https://www.ietf.org/mailman/listinfo/rtcweb
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Justin Uberti
- [rtcweb] WGLC for draft-ietf-rtcweb-ip-handling Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Ted Hardie
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Cullen Jennings
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Ted Hardie
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Adam Roach
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Cullen Jennings
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Philipp Hancke
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Balwant Bisht
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lorenzo Miniero
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Iñaki Baz Castillo
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Bernard Aboba
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… T H Panton
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Eric Rescorla
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Cullen Jennings
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… T H Panton
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Philipp Hancke
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Andy Hutton
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Cullen Jennings
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Bernard Aboba
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Adam Roach
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Stephen Farrell
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Bernard Aboba
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lorenzo Miniero
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Balwant Bisht
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- [rtcweb] WGLC for draft-ietf-rtcweb-ip-handling Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Adam Roach
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Cullen Jennings
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Nils Ohlmeier
- [rtcweb] Nils comments [Was: WGLC for draft-ietf-… Justin Uberti
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Nils Ohlmeier
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Nils Ohlmeier
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… westhawk
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Nils Ohlmeier
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Nils Ohlmeier
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Lennart Grahl
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Sean Turner
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Nils Ohlmeier
- Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handli… Justin Uberti
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Cullen Jennings
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Justin Uberti
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Nils Ohlmeier
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Justin Uberti
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Sean Turner
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Nils Ohlmeier
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Justin Uberti
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Cullen Jennings
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Justin Uberti
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Nils Ohlmeier
- Re: [rtcweb] Nils comments [Was: WGLC for draft-i… Sean Turner