IETF Logo Mail Archive

[rtcweb] Nils comments [Was: WGLC for draft-ietf-rtcweb-ip-handling]

Justin Uberti <juberti@google.com> Mon, 16 April 2018 22:28 UTC

Return-Path: <juberti@google.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7917A12EAA5 for <rtcweb@ietfa.amsl.com>; Mon, 16 Apr 2018 15:28:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h353UNYdfCVv for <rtcweb@ietfa.amsl.com>; Mon, 16 Apr 2018 15:28:24 -0700 (PDT)
Received: from mail-ua0-x22e.google.com (mail-ua0-x22e.google.com [IPv6:2607:f8b0:400c:c08::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73169129C51 for <rtcweb@ietf.org>; Mon, 16 Apr 2018 15:28:24 -0700 (PDT)
Received: by mail-ua0-x22e.google.com with SMTP id t4so5498208ual.1 for <rtcweb@ietf.org>; Mon, 16 Apr 2018 15:28:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KnucPYKpklyLn5u6zQUuNBpw4/3TRYw649cNGI4SFCI=; b=su/Q3Z+/h5vy0KTexTcYA3vz9iCVJ6HHD59VlAUzjOdg/t8/l6aWXMF/+hkY/95Mnt 64RgJfSSjV1d++zGwX2dYxWbjtCe1D3Ze5jExmEcq6SlOM3JwLVakzU2tG85XVhEqv70 l5jMEmLHZuB9CASLkHAycebQsW9bl8QdoDyfq6NgS2dBGz2i7MFrM63M+3pn/fQXcB1U mjlw3RBmzEhNj+jPUoNdlX9ZVEe+kdDzGFIKTqtoebT6S1R6KlVeh22hGyaZQyuWDcZP 2FgRGoXZDGrPMFUrmkTS8jdYMs21uJJ3RWdiSBpKFTlfGi5YSI5YvhcmdDiwlDtokz0x ApPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KnucPYKpklyLn5u6zQUuNBpw4/3TRYw649cNGI4SFCI=; b=lc6V53dSSgyMR9UaJrAQjcnvRHbABZoKt8nzQJAav2/E+73JZbWbLLUD9OtTfdKlKL QjwdF18yDS00yYamOcuT5d3j3uA8MzB2DAprhsfJ0jlahpaGrIH2oWI5M0iGgQhEXRRV 5u39VfvPVsVJuwmHrjte6H7xs8UFe0L09KGhxduQz+onNvDX1lebbJ2EFFaUTiZJPDC/ 2QGj1IuTFbKviCBcmqxobhl0Jkutft3yTf4g2pNEzlMIB3ingOhTZgMP30s63JpCFRUr xV6XOCASScAqqTGRG8bFOLL5kMHC8efRxcEFvUzyyqtfNDYc8IYmkUYnk11qh02iorxk IHQA==
X-Gm-Message-State: ALQs6tA9ZO4revmeVJ1n0SwCzvHzoLZDkYqWI9h5RYYPtkTHM0lcp5NJ WxGOs8k5c8YISk3YRRee83QLtDJ/SVr20eBseMY2RA==
X-Google-Smtp-Source: AIpwx48NxkCA3yivw1VzR4LE6HskoV9MIKJp0p/lyKMTPnHL7Qd3a0fO4gUVRsEh+0qqip2h6q02tWj/KKU6kQJ18Vs=
X-Received: by 10.159.35.105 with SMTP id 96mr6540930uae.100.1523917702871; Mon, 16 Apr 2018 15:28:22 -0700 (PDT)
MIME-Version: 1.0
References: <1D5B431C-801E-4F8C-8026-6BCBB72FF478@sn3rd.com> <F9EB7388-9E76-43E0-8C9B-61D3E50357F7@mozilla.com>
In-Reply-To: <F9EB7388-9E76-43E0-8C9B-61D3E50357F7@mozilla.com>
From: Justin Uberti <juberti@google.com>
Date: Mon, 16 Apr 2018 22:28:12 +0000
Message-ID: <CAOJ7v-38kH4peZVVJU8itve2P+93eGaVdJ60MVcaRo3Xu86uTQ@mail.gmail.com>
To: Nils Ohlmeier <nohlmeier@mozilla.com>
Cc: Sean Turner <sean@sn3rd.com>, RTCWeb IETF <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="001a11352a0659451c0569febdf1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/N44due2pcmxK9CCD5BOddnDEB0g>
Subject: [rtcweb] Nils comments [Was: WGLC for draft-ietf-rtcweb-ip-handling]
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Apr 2018 22:28:30 -0000

On Mon, Apr 16, 2018 at 3:24 PM Nils Ohlmeier <nohlmeier@mozilla.com> wrote:

>
> On Mar 7, 2018, at 11:49, Sean Turner <sean@sn3rd.com> wrote:
> This is the WGLC for the "WebRTC IP Address Handling Requirements” draft
> available @
> https://datatracker.ietf.org/doc/draft-ietf-rtcweb-ip-handling/.  Please
> review the draft and send your comments to this list by 2359UTC on 30 March
> 30 2017.
>
>
> I apologize for bringing this up so late, but it looks to me like we
> should consider phrasing the words for Mode 4 in this draft more precisely.
>
> As shown here https://bugs.chromium.org/p/chromium/issues/detail?id=767304 and
> here https://bugzilla.mozilla.org/show_bug.cgi?id=1452713 implementers
> are somewhat confused what to do if Mode 4 is chosen, but no HTTP proxy is
> configured.
>
> At a minimum I would suggest to insert “HTTP” before each of the
> occurrences of the word proxy in the description:
>
> Mode 4:  Force proxy: This forces all WebRTC media traffic through a
>             proxy, if one is configured.  If the proxy does not support
>             UDP (as is the case for all HTTP and most SOCKS [RFC1928 <https://tools.ietf.org/html/rfc1928>]
>             proxies), or the WebRTC implementation does not support UDP
>             proxying, the use of UDP will be disabled, and TCP will be
>             used to send and receive media through the proxy.  Use of
>             TCP will result in reduced quality, in addition to any
>             performance considerations associated with sending all
>             WebRTC media through the proxy server.
>
> Because apparently some people think of proxies and TURN relays being the
> same thing. Which I don’t think is/was the intention here.
>
> Second of all I think the draft would benefit from explaining what to do
> expect in Mode 4 in the absence of a HTTP proxy.
>
> And lastly I think the discussions in the above bug reports have brought
> up the point that TURN relays might not be trustworthy either.
> I’m assuming it’s only a matter of time until when some evil actors will
> provide fake TURN implementations to gather the browsers routable IP from
> the TURN layer.
> Therefore I think it would make a lot more sense to specify two different
> modes:
> - Mode 4: Relay only: only TURN relay candidates are gathered.
> - Mode 5: HTTP proxy only: all WebRTC media traffic is forced through a
> HTTP proxy.
>                 If no HTTP proxy is configured no candidates are gathered.
> I realize that the process might have gotten already to far to follow this
> suggestion.
>
>
How would relay-only help here? The web application can still learn the IP
directly from the TURN servers.

v2.23.0 | Report a Bug | By Email