Re: [rtcweb] Please require user consent for data channels

Iñaki Baz Castillo <ibc@aliax.net> Mon, 20 July 2015 14:58 UTC

From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Mon, 20 Jul 2015 16:58:33 +0200
Message-ID: <CALiegfnUfdtYzi+Fe+2DR2yEnUJf_VxrdMeUQWbB8oRTo2wzAA@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/P0MEIFWi9GlSAP4HR_OBppWst8Y>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>

2015-07-20 16:49 GMT+02:00 Roman Shpount <roman@telurix.com>:

> If a local system administrator set a lower metric to a particular default
> (or any other route) vs all the other routes to a certain destination, this
> route should be used to reach this destination. This is the normal behavior
> for all other network communications from the browser (HTTP, WebSockets, or
> even FTP or gopher). With ICE, browsers depart from this model. I
> understand that this can enable browsers to set up a WebRTC media
> connection where it would not be able to do so otherwise. On the other hand
> using secondary routes can produce some unexpected results, such as
> exposing reflexive addresses on secondary interfaces or sending data over
> LTE network when WiFi is available. I think using secondary routes should
> only be enabled after user consent or if an appropriate browser setting is
> enabled. In the vast majority of cases, the primary default route is
> sufficient to set up the WebRTC connection. My assumption is that using
> secondary default routes only improves the chances of connection in an
> extremely small number of cases. Based on the systems I have worked with,
> we are talking about less than 1/10 of a percent of end users.
>

Agreed. Important concerns here are:

1) The app (browser) should respect the local routing policy. It means that
it should consider the metric/priority of the capable routes (as the
administrator or OS decided), or that it should just use the best one (but
this may also cause issues as stated in the next bullet).

2) If the browser also uses a secondary capable route it may cost real money
(if for example the secondary route goes through an LTE interface while the
primary route is WiFi based).


-- 
Iñaki Baz Castillo
<ibc@aliax.net>
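
The policy discussed in this message, sketched as an added example that is not part of the original email or of any browser's code: gather ICE candidates only on the interface behind the lowest-metric default route, and touch secondary default routes only when explicitly allowed. It assumes Linux `ip -4 route show` output; the sample routing table, the interface names, the function names and the `allow_secondary` flag (standing in for user consent or a browser setting) are constructed for illustration.

```python
import re

# Constructed sample of `ip -4 route show` output (not taken from the thread):
# WiFi (wlan0) and LTE (wwan0) both offer a default route, WiFi is preferred.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
default via 10.64.0.1 dev wwan0 proto static metric 700
10.64.0.0/24 dev wwan0 proto kernel scope link src 10.64.0.23 metric 700
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.40 metric 600
"""

# Matches a default route line; the metric field is optional.
DEFAULT_RE = re.compile(r"^default\b.*?\bdev\s+(\S+)(?:.*?\bmetric\s+(\d+))?")


def default_routes(route_text):
    """Return [(metric, dev)] for every default route, lowest metric first."""
    routes = []
    for line in route_text.splitlines():
        m = DEFAULT_RE.match(line.strip())
        if m:
            # `ip route` omits "metric" when it is 0, the most preferred value.
            routes.append((int(m.group(2) or 0), m.group(1)))
    # Equal metrics are ordered by interface name only to keep output stable.
    return sorted(routes)


def gathering_interfaces(route_text, allow_secondary=False):
    """Interfaces on which host and reflexive candidates may be gathered.

    allow_secondary is a hypothetical switch representing user consent or an
    explicit browser setting; without it only the primary default route's
    interface is used, so the LTE path is neither exposed nor billed.
    """
    devices = []
    for _metric, dev in default_routes(route_text):
        if dev not in devices:
            devices.append(dev)
    if not devices:
        return []  # no default route: nothing to gather towards the Internet
    return devices if allow_secondary else devices[:1]


if __name__ == "__main__":
    print("default policy :", gathering_interfaces(SAMPLE_ROUTES))
    print("with consent   :", gathering_interfaces(SAMPLE_ROUTES, True))
```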