Re: [rtcweb] draft-ietf-rtcweb-ip-handling: Mode 2 and VPN scenarios

James Pearce <james@jamesandjo.com> Fri, 10 November 2017 15:36 UTC

To: RTCWeb IETF <rtcweb@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/UvT7tuel0L_XLb2wtdp3xfZ_uzI>

Hi All,

Apologies for resurrecting this topic from August. Has anything been
decided regarding this? Has it been rolled into other changes, or is it
still being considered?

Many thanks,

James

On 1 September 2017 at 14:57, Cullen Jennings <fluffy@iii.ca> wrote:

>
> > On Aug 23, 2017, at 3:06 PM, James Pearce <james@jamesandjo.com> wrote:
> >
> >
> > The obvious solution seems to be to change the behaviour of mode 2.
> > Rather than using the default route in all cases, we should use the route
> > that was used to fetch the origin. This seems to resolve both the usability
> > and privacy concerns without reducing existing security.
>
> I agree this is a significant problem and your proposal does seem like a
> better solution than the current text. We should get people to think about
> the implications of that change.
>
>
>
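
The two selection rules discussed in the quoted text, shown side by side as an added example that is not part of the original thread: "default route in all cases" versus "the route that was used to fetch the origin". The routing table, interface names and addresses are constructed, and a split-tunnel VPN host is assumed.

```python
import ipaddress

# Constructed routing table for a split-tunnel VPN host (assumption, not from the thread).
# Each entry: (destination prefix, outgoing interface, local address on that interface).
ROUTES = [
    ("0.0.0.0/0", "eth0", "192.168.1.23"),      # default route via the physical LAN
    ("192.168.1.0/24", "eth0", "192.168.1.23"),
    ("10.8.0.0/16", "tun0", "10.8.0.6"),        # intranet prefix via the VPN tunnel
]


def lookup(dest, routes=ROUTES):
    """Longest-prefix match: return (interface, local_address) used to reach dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface, local in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, iface, local)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return best[1], best[2]


def default_route(routes=ROUTES):
    """Return (interface, local_address) of the default route (prefix length 0)."""
    for prefix, iface, local in routes:
        if ipaddress.ip_network(prefix).prefixlen == 0:
            return iface, local
    raise LookupError("no default route")


def mode2_local_address(origin_ip, rule, routes=ROUTES):
    """Interface and local address selected under each rule.

    rule="default": the default route is used in all cases.
    rule="origin":  the route that was used to fetch the origin is used.
    """
    if rule == "default":
        return default_route(routes)
    if rule == "origin":
        return lookup(origin_ip, routes)
    raise ValueError(f"unknown rule: {rule}")


if __name__ == "__main__":
    for origin in ("10.8.3.40", "203.0.113.10"):  # intranet app, public site
        for rule in ("default", "origin"):
            print(origin, rule, mode2_local_address(origin, rule))
```

For the intranet origin the two rules select different interfaces (`eth0` versus `tun0`); for the public origin they agree.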