IETF Logo Mail Archive

Re: [rtcweb] Please require user consent for data channels

Simon Perreault <sperreault@jive.com> Mon, 20 July 2015 13:32 UTC

Return-Path: <sperreault@jive.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FAC41A8833 for <rtcweb@ietfa.amsl.com>; Mon, 20 Jul 2015 06:32:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.301
X-Spam-Level:
X-Spam-Status: No, score=-2.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bHkn9xgoLKlo for <rtcweb@ietfa.amsl.com>; Mon, 20 Jul 2015 06:32:52 -0700 (PDT)
Received: from mail-wg0-f52.google.com (mail-wg0-f52.google.com [74.125.82.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83B3F1A87AD for <rtcweb@ietf.org>; Mon, 20 Jul 2015 06:32:52 -0700 (PDT)
Received: by wgkl9 with SMTP id l9so130594074wgk.1 for <rtcweb@ietf.org>; Mon, 20 Jul 2015 06:32:51 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=KW4hi8E4VpT855f+CrNIIIsDBS1Et1Wd6fnByT6+7u0=; b=J63ZAZap99eUxApGeWK5PJNhn7WQIIw1JiT7UC1VTDwwPG/CX9BrQLRyWlxV3Phb2b PttxoSBX6pPLEkcIawfNpGv0YkfUM7xh0zmz34ywpzCZr+22YWcp9Yju/8+f8BliL+wy EaFrnllLwqH+rYXxCQYKWrZse4ohA2WA2s2jtAf7xCVwS/4Xlm/KDuHWQ4u7qbzWrD/7 SC3XDfyi0Pwf5CE1lBhms8gsAR8gZ9zQZPUilxWxQI/6eqrxpoVUQ22W6Ov9mDsfhlun LolAc8LgL3eMPcKWUsUp1E2iValPRdy9+m8ECK+/f1jc9W2MPVZTLhXfhv/7ieDZOE/f 4XLg==
X-Gm-Message-State: ALoCoQksHvHfU1KS33pV69Qvq/w7YM8BASYwbFsWsJzc8jMumpwbJyPoXTEhcmXsQbM4lvWtF99p
X-Received: by 10.180.231.40 with SMTP id td8mr22401913wic.9.1437399171028; Mon, 20 Jul 2015 06:32:51 -0700 (PDT)
Received: from dhcp-b3b5.meeting.ietf.org ([2001:67c:370:176:8c28:2ddb:9d64:1c21]) by smtp.googlemail.com with ESMTPSA id n6sm11875083wix.1.2015.07.20.06.32.50 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Jul 2015 06:32:50 -0700 (PDT)
Message-ID: <55ACF880.9090704@jive.com>
Date: Mon, 20 Jul 2015 15:32:48 +0200
From: Simon Perreault <sperreault@jive.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Iñaki Baz Castillo <ibc@aliax.net>
References: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com> <55A95364.2070806@gmail.com> <CAOJ7v-3t9BQabR2e4EHs4G0Sec4sU9DFC2aiSXXYrat+an+RYg@mail.gmail.com> <55A96DA3.1040907@gmail.com> <CAOJ7v-1ui7349NzK6NZNRHPbnHWZajctk4cDgMKqRZSv47EYdA@mail.gmail.com> <55A9860D.8030903@gmail.com> <CAOJ7v-3LGd32rnpFVW_U0s3+iVaJXsL4vt_YAo=cyp6YyOArdw@mail.gmail.com> <CALiegfmiS18Jux-kCgOhTKKiyGtMertj6xCegpFrox5NOf9EJg@mail.gmail.com> <CABkgnnW0Tmjqz823vKiF84_u6HasBJC7ERMYCO2HL_NPj5saTA@mail.gmail.com> <CALiegfkpbLy1QXxr-RRF0oOpVv1sWsFeab=vvC4iT4DnPtjKQw@mail.gmail.com> <CABkgnnVWcuhX2NjZgx87L+Uo6df6rEBWW73cxbaX3mu_VfHmCA@mail.gmail.com> <CALiegfkQWAn-jMrjhcDPA3rtowOPVk-S8z3c-jvjpNmjtf=3hA@mail.gmail.com> <CABkgnnWERM4oxozNCSvRf1o0Wm-d9Bjw=9B+xh_NJ+h6GfBJ6Q@mail.gmail.com> <7F818FAC-5559-4074-B1FC-EB9516A98FB7@phonefromhere.com> <55ACEA74.8050300@jive.com> <CALiegfm6PG4cEJdWtYMOcfgLn5Z7Knf1TxoYvNDVrt4sEdQZAA@mail.gmail.com>
In-Reply-To: <CALiegfm6PG4cEJdWtYMOcfgLn5Z7Knf1TxoYvNDVrt4sEdQZAA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/Pc-PXOkxqaV_jcj4gutj6_qvOSs>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Please require user consent for data channels
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2015 13:32:59 -0000

Le 2015-07-20 15:13, Iñaki Baz Castillo a écrit :
>     > Gulp. Whilst I mostly see the logic - it is wholly unexpected behaviour
>     > to the average sys admin.
>     > Certainly not what I expected.
> 
>     I don't know how you can expect ICE to work otherwise.
> 
> 
> It would just work. The STUN/TURN server should be reachable using the
> OS configured routes, isn't it?

I have no idea what you're talking about. Yes there must be a route. But
that's completely orthogonal to which interface you're binding to.

> Please, don't argument that "otherwise it would not work" because that
> is not true at all.

It is. But I'm not sure we're talking about the same "it" anymore.

>     > It strikes me that binding to all interfaces might well give a vector
>     > for attackers to map out a company’s internal networks.
> 
>     You are sending your IP address(es) as payload so that your peer may
>     connect to them. 
> 
> 
> The fact that the client announces its (probably) private VPN addresses
> to the remote peer does not mean that it also reveals the associated
> public reflexive IP. That just happens if the client performs STUN
> procedures over that interface, which is exactly the issue being
> discussed (at least right now).

If you can find a server-reflexive candidate on the VPN interface, it
means you can talk to the Internet using that interface, using that
server-reflexive IP address. How is that private knowledge at all? How
do you expect to keep your server-reflexive address private but still
use it for communication?

>     We've been doing this in various protocols for ages.
>     Just take FTP for example, where data and signalling are separate. How
>     is any of this different?
> 
> 
> The FTP client does not override the OS routes but instead contacts both
> the FTP signaling address and the FTP data address using the OS
> configured routes (rather than forcing local interfaces to reach them).
> So yes, it is fully different IMHO.

The routing table is *not* overridden by explicitly binding to an interface.

>     > It also may restrict the user’s ability to manipulate which medium is used.
>     > E.g. I’m at home and my chromebook pixel (or firefox tablet) is on wifi,
>     > but I’ve left LTE enabled.
>     > I (or the OS) is configured to prefer wifi wen available - but it
>     > happens that for a specific peer LTE completes first.
>     > So now my video call goes over LTE without my say-so and with no hint
>     > this is happening  - costing me real
>     > money. My only option is to completely disable LTE when I get home  (and
>     > lose SMS too) ?
> 
>     That is a valid concern, and the answer to it is MIF.
> 
> 
> Sorry, what does MIF stand for?

https://datatracker.ietf.org/wg/mif/documents/

The MIF WG is working on exactly this kind of problem. They are
developing an API for solving precisely this kind of interface
preference problem. IMHO ICE could perhaps be extended to make use of
this API. But I see it as "just" an enhancement.

Simon

v2.23.0 | Report a Bug | By Email