IETF Logo Mail Archive

Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handling

Justin Uberti <juberti@google.com> Fri, 13 April 2018 00:23 UTC

Return-Path: <juberti@google.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9B8612895E for <rtcweb@ietfa.amsl.com>; Thu, 12 Apr 2018 17:23:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tJ0rXoEbLmZX for <rtcweb@ietfa.amsl.com>; Thu, 12 Apr 2018 17:22:58 -0700 (PDT)
Received: from mail-ua0-x235.google.com (mail-ua0-x235.google.com [IPv6:2607:f8b0:400c:c08::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C475D1277BB for <rtcweb@ietf.org>; Thu, 12 Apr 2018 17:22:57 -0700 (PDT)
Received: by mail-ua0-x235.google.com with SMTP id j18so4707196uae.12 for <rtcweb@ietf.org>; Thu, 12 Apr 2018 17:22:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=XupH0e3J6hZ7RfahwAtMKXl+oJClle0649ItmzeTb0E=; b=IJaB0LfGj5Y4PHcdmsbJVXrm4S9asJisotHmd2ka557a5SFvfRqOeHpJ8yfNeyxMRe yIwPqc5A/j0V4/b9Xglz9W02hI9s8UPBDlyDNdulfQQfD/BoFsWUtNWac1eQQRigwyvj xh4akfc+YiTTx82F01UAIf/okhaRdnikQn6eN+i4mxdz5CPSxSuFcu7jDK3xSIM2Wbmv aqBKVLPFSYEyqaa9KT2zNX0z/N4dbVMgd4czLQTKB2ARxiExe94Pm+VNDS4m0/XTetsb 03Z4aeSbiAW0yjj90Sc4IvYe4eZN9Vfc8zkI0h2/ViFkHvBUYdLLANVXLKRYHWwv2rPx GcMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XupH0e3J6hZ7RfahwAtMKXl+oJClle0649ItmzeTb0E=; b=HEBZsCr+3ndrpfNVEHlYZMPGy+z9IiAIipsSabFJculrcazz/zpiIimYJb7RvnjsLY 1dID2Sg/YBN0bogu4s5it+63CAzUDO6AEMtzMBYE2Ysjvx2HLFMRPmYA4QOt2a4c6Yop nlu4tF28JO61zxfmF1adsqYoqJ78Y/wLssOm7Vrbq9Wym+3plLlt9tS+W9UU8PDapUIx FbwJZtiX1842gENj8fQTZ58Ih2evuzODbIEkzmcuPzOwQUWKUduC1G4TXlyM4aN6E825 ksWUS6pwtCb8QGcKE2EeOUBytKNUgSm7pWuhUGykVJbnD2K0yv8LUuItUiw8j3yQqJWh cXig==
X-Gm-Message-State: ALQs6tDWBbhZ5ByPJvfF9Ma9KK8kytKoQHc6FWzYXIiHl8EwTBJL2vFC 9SoyRgvpYwj/Dr9mIs8M00w5rBodnN+e5KAzZ/KHeg==
X-Google-Smtp-Source: AIpwx49IKfycksG5H+W2yZlwgQxGs/gDe2kjWpRvdy+/p2IvtAmgjKFVb4zMxbmUzNFWeEN4WrKKguvktd5DYDu0Z24=
X-Received: by 10.176.21.1 with SMTP id o1mr2269351uae.60.1523578976344; Thu, 12 Apr 2018 17:22:56 -0700 (PDT)
MIME-Version: 1.0
References: <1D5B431C-801E-4F8C-8026-6BCBB72FF478@sn3rd.com> <63282b84-4493-3fcb-a95f-4afe17d96bb6@cs.tcd.ie> <CAOJ7v-1gTq+EEjb+-q-T-pABBW--rpNGegoj_d2_7f7AKGksCA@mail.gmail.com> <403713b4-31d4-9085-d639-d3f60935ed5a@cs.tcd.ie> <CAOJ7v-0ED-FK=JmSxBJYfM=PCdgY6kmbiq6aFLcP7OXugG07EA@mail.gmail.com> <e6938f7d-542d-736b-0a3d-9269d7dd06e5@cs.tcd.ie> <CAOW+2dv1ORz2tEkgDTvdM1DtgyOdgXqKU30T4QhLAp1NT+rirg@mail.gmail.com> <CAOJ7v-0tCcg3FdzyfSJ6Y3JaH-TivFf-Sey6+tD8BANJKsjqtQ@mail.gmail.com> <1fceb3c4-35f3-34f7-de1d-79d5805e6d22@gmail.com> <9517D601-D3E8-46E1-94E5-7EC29FD6319B@sn3rd.com> <b5d323ac-2205-2aee-05c9-f270e80215f5@gmail.com> <CAOJ7v-0+hr-NddbLCwgjkfyEFEzoLYW8BcE5OYZ+HUiqDRnarg@mail.gmail.com> <0dee004d-159a-a9be-a0b8-ecbfd4204d72@gmail.com> <06252a76-f12e-4d8d-4a07-5240a7605bce@gmail.com> <914e0220-e3cc-00d7-0925-e5deb8b07e75@nostrum.com> <AFDFD3F3-4798-4716-B26C-A67457BF2C65@sn3rd.com> <e5e2a517-d29a-117c-ab79-6f01fa62b843@gmail.com> <20180412144158.44733ac7@lminiero> <b767da79-7678-2a1c-ecb0-46a9a3bd9129@gmail.com>
In-Reply-To: <b767da79-7678-2a1c-ecb0-46a9a3bd9129@gmail.com>
From: Justin Uberti <juberti@google.com>
Date: Fri, 13 Apr 2018 00:22:45 +0000
Message-ID: <CAOJ7v-2gmxpsGp=25pcJmnkYmipZdCFOqU4nLtAVSznLsZo9rQ@mail.gmail.com>
To: Lennart Grahl <lennart.grahl@gmail.com>
Cc: Lorenzo Miniero <lorenzo@meetecho.com>, RTCWeb IETF <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="001a11463dccaca47c0569afdfac"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/OuCNpIe-sflI0NG31qh1Wd1tnuU>
Subject: Re: [rtcweb] WGLC for draft-ietf-rtcweb-ip-handling
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Apr 2018 00:23:01 -0000

Being non-interactive, it's not clear that those cases require Mode 1
though; they should work well even in Mode 2. I also don't think that
suggesting "more appropriate means" is useful when we as a WG haven't been
able to come up with any.

Note also that between -02 and -03, we as a WG chose to remove a more
explicit discussion of getUserMedia, namely this para:

       The getUserMedia
       suggestion takes into account that the user has provided some
       consent to the application already; that when doing so the user
       typically wants to engage in a conversational session, which
       benefits most from an optimal network path, and lastly, the fact
       that the underlying issue is complex and difficult to explain,
       making explicit consent for enumeration troublesome.


If we're not going to talk about the upsides of the getUserMedia
mechanism, I don't think we should have a lengthy discussion of
downsides either.




On Thu, Apr 12, 2018 at 4:49 PM Lennart Grahl <lennart.grahl@gmail.com>
wrote:

> On 12.04.2018 14:41, Lorenzo Miniero wrote:
> > On Thu, 12 Apr 2018 14:22:17 +0200
> > Lennart Grahl <lennart.grahl@gmail.com> wrote:
> >
> >> On 12.04.2018 00:31, Sean Turner wrote:
> >>>> On Apr 11, 2018, at 16:10, Adam Roach <adam@nostrum.com> wrote:
> >>>>
> >>>> [as an individual]
> >>>>
> >>>> On 4/11/18 1:15 PM, Lennart Grahl wrote:
> >>>>> Since I haven't seen a satisfactory response so far, let me
> >>>>> rephrase this as a question: Can anyone explain to me why that
> >>>>> approach is not considered a valid alternative to getUserMedia?
> >>>>
> >>>>
> >>>> I think you're not getting a lot of response here because what
> >>>> you're proposing is well within the bounds of what the current
> >>>> document says. gUM is offered as a non-normative example, but
> >>>> that's all it is. If you believe that document changes are in
> >>>> order, perhaps a concrete proposal along the lines of "change the
> >>>> text <x> to be <y> instead" or "add text <z> at the end of section
> >>>> <q>" would produce more conversation.
> >>
> >> Thanks, this and the response from Bernard is good feedback that I
> >> should provide a more concrete proposal next time.
> >>
> >>> As the draft’s Shepherd trying to figure out how to bring closure
> >>> on this issue, I like to offer a summary:
> >>>
> >>> There’s some discomfort with the use of the term “user consent” as
> >>> well as the non-normative example provided for how to get it. The
> >>> problem with changing the term to something else is "user consent"
> >>> is a term of art; we can’t really qualify it with something like
> >>> “informed”, because we’d need to explain what that means (and well
> >>> GDPR …), and; frankly the term is used extensively in the other
> >>> security draft that we pruned ip-handling from.  The problem with
> >>> changing the non-normative example is that there don’t seem to be
> >>> other attractive/realistic alternatives.
> >>>
> >>> What I’d like to do is remind everybody that we pruned this draft
> >>> from the other security drafts to allow it to be updated faster
> >>> because it’s about a much narrower subject.  With this in mind and
> >>> Bernard’s long list of questions, I would like to propose that we:*
> >>>
> >>> 1) Add another sentence (from Tim) that indicates there are other
> >>> alternatives:
> >>>
> >>>       Alternatively implementations can provide a separate
> >>>       mechanism to obtain user consent.
> >>>
> >>> 2) Progress the draft out of the WG.*
> >>>
> >>> 3) Update/Obsolete this draft, when a much superior alternative
> >>> emerges.
> >>>
> >>> spt
> >>>
> >>> * Also "hold your nose" if you’re sad about this proposal but are
> >>> willing to begrudgingly live with the rough consensus; it’s rough
> >>> and we noted this in the Shepherd write-up.
> >>>
> >>> ** Remember that during the IETF LC we (or somebody in the wider
> >>> IETF community) might come up with something during the IETF LC.
> >>
> >> I realise I've joined a tad late and it should be clear by now that I
> >> have a strong reluctance when it comes to using getUserMedia for the
> >> purpose of getting consent to use mode 1. But you are correct, it is
> >> non-normative and I'm more irritated by the implementations that don't
> >> provide an alternative than this document. Still, I would appreciate
> >> if the sentence from Tim you mentioned in 1) will be added.
> >>
> >> Regarding 3): Like Bernard, I'm unsure how to determine a "superior
> >> alternative" (especially in the context of a non-normative section).
> >>
> >
> >
> > Since there seems to be a call for proposed text:
> >
> >       The details of this consent are left to the implementation; one
> >       potential mechanism is to tie this consent to getUserMedia
> >       consent.  It should be noted, though, that getUserMedia
> >       consent is typically only required when users are supposed to
> >       share media content from their local devices. This may not
> >       always be the case, e.g., in scenarios where users will only
> >       be receiving media (e.g., a broadcast), or when
> >       PeerConnections are created for the sole purpose of setting up
> >       datachannels. Requiring getUserMedia consent when it's not
> >       really needed may end up discouraging users from establishing
> >       a media session, or getting unwarranted access to more
> >       information they meant to share. As such, alternative and more
> >       appropriate means for getting user consent for Mode 1 are
> >       suggested.
> >
> > Probably overly verbose, but it voices my (and I think Lennart's)
> > concern with the current text.
>
> Likely a verbose version of https://github.com/juberti/draughts/pull/98.
> But I appreciate and would agree with that since it clarifies that some
> non-obvious use cases exists that we have found throughout the years
> where getUserMedia is painful (if anything). I don't know if that's an
> appropriate way of telling implementers about these use cases, though.
>
> Cheers
> Lennart
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>

v2.23.0 | Report a Bug | By Email