IETF Logo Mail Archive

Re: [rtcweb] Please require user consent for data channels

Bernard Aboba <bernard.aboba@gmail.com> Sun, 12 July 2015 22:03 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 564DF1A886D for <rtcweb@ietfa.amsl.com>; Sun, 12 Jul 2015 15:03:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FeBRZiH8cNLP for <rtcweb@ietfa.amsl.com>; Sun, 12 Jul 2015 15:03:03 -0700 (PDT)
Received: from mail-pd0-x22d.google.com (mail-pd0-x22d.google.com [IPv6:2607:f8b0:400e:c02::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB30F1A8873 for <rtcweb@ietf.org>; Sun, 12 Jul 2015 15:03:03 -0700 (PDT)
Received: by pdbep18 with SMTP id ep18so213628803pdb.1 for <rtcweb@ietf.org>; Sun, 12 Jul 2015 15:03:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:from:subject:date:to; bh=dx5wBM8ep0rU8PFxe7engZgTEzR6YGu1T2VuPjdFuMw=; b=bhE+RYFmvAfrARxHfJSoubbUoVqsRWY55JK1Q/Y0wGUkxONSlDOuI/G3e07SeQp56w YRVbWDv6Z/ZxwoKmP25Lj5SvktMhHjc15uIbrV8ssTQURC3JM1qm5FS6x+5YW5KDobcH hXWqHz/zLN2lMW72raxDbswK1QD8e8OXp8fqD26bFXdGrDxr9C39EA1f3edYh6lSZF7x wBCFtVkfnUUfrZxrRBeQ/UkclWpXJLkeOh8bAmECUraAtLN6bpNZUI7b8LhqQ9Ey5zx5 6qOsYPFgoU+FJk2r1uTGLJak2H00jjX+MJxeYNy3n3c7SGJ8bD4RkvzP06YxSDSuweLY fLQw==
X-Received: by 10.70.42.233 with SMTP id r9mr62873071pdl.140.1436738583521; Sun, 12 Jul 2015 15:03:03 -0700 (PDT)
Received: from [10.69.168.48] ([166.170.36.144]) by smtp.gmail.com with ESMTPSA id x12sm487742pdj.83.2015.07.12.15.03.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 12 Jul 2015 15:03:01 -0700 (PDT)
References: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <C90F0318-A9EF-44FF-BF8A-94B2EB236682@gmail.com>
X-Mailer: iPhone Mail (12H143)
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Sun, 12 Jul 2015 15:02:58 -0700
To: Daniel Roesler <diafygi@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/KIVqmUiteBXP1MhFxzz3uivLg2I>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Please require user consent for data channels
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Jul 2015 22:03:05 -0000

Consent is an API issue not a protocol and therefore is owned by W3C, not IETF. Why not take it up there?



> On Jul 11, 2015, at 9:42 AM, Daniel Roesler <diafygi@gmail.com> wrote:
> 
> Howdy all, this is mostly a re-surfacing of the discussion about IP
> address leaking back in April[1], which unfortunately I did not
> discover until recently.
> 
> One of the items in the new proposal was "WebRTC already requires
> permission to access getUserMedia. Why not use that permission to
> control interface enumeration?" That item didn't really get discussed
> much in the thread, but I think it's one of the most important issues.
> 
> Why? There is now a documented case where a third party on nytimes.com
> is using a fake webRTC datachannel to silently gather user local (and
> potentially "real" ISP) IP addresses.
> 
> https://twitter.com/incloud/status/619624021123010560
> 
> So I'd like to voice my support for adding a consent requirement that
> would prevent this type of silent behavior. A user that is
> purposefully visiting a site that has a legitimate reason for using a
> webRTC data channel will have the necessary context to give consent,
> just like they have to get consent on getUserMedia.
> 
> I'm really unclear on why it's so important to have the silent webRTC
> data channel behavior. P2P data connections should be held to the same
> consent requirements just like P2P video and voice connections. In
> addition to the silent third party local IP tracking, a silent P2P
> data channel opens up users to silently becoming nodes in a web-based
> file sharing network. For example, webtorrent[2] can be silently
> embedded on a website so that all of the users to that website start
> seeding content they don't know they are seeding.
> 
> Possible fix:
> 
> 1. Require user consent before calling the callback on createOffer().
> 2. If the user has already given consent via getUserMedia, the user
> consent requirement is satisfied.
> 3. If there's no previous gUM consent, then ask the user for consent.
> 
> This implementation requires no updates to current webRTC demos, since
> you have to wait for a callback on createOffer anyway. I'm open to
> other ways, such as making createDataChannel asynchronous like gUM,
> but that would require updates to existing apps that use
> createDataChannel.
> 
> Thanks!
> Daniel Roesler
> 
> [1]: https://www.ietf.org/mail-archive/web/rtcweb/current/msg14494.htm
> [2]: https://github.com/feross/webtorrent
> 
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email