Re: [rtcweb] Please require user consent for data channels
Roman Shpount <roman@telurix.com> Sat, 18 July 2015 09:38 UTC
Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C32B1B29F4 for <rtcweb@ietfa.amsl.com>; Sat, 18 Jul 2015 02:38:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p8UGpdSC3Pl6 for <rtcweb@ietfa.amsl.com>; Sat, 18 Jul 2015 02:38:38 -0700 (PDT)
Received: from mail-ig0-f178.google.com (mail-ig0-f178.google.com [209.85.213.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92AF91B29F5 for <rtcweb@ietf.org>; Sat, 18 Jul 2015 02:38:38 -0700 (PDT)
Received: by igvi1 with SMTP id i1so49821722igv.1 for <rtcweb@ietf.org>; Sat, 18 Jul 2015 02:38:38 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=1eMxQ5jGi+jj6f8D59gwab0BMPk33bxNY4MgU/2064c=; b=isfRJBFe0r54GDXZa81g9JZio7pAEHILe3GkMm2/ELY0zGWqCdAGqMmurq/oVPND8k 547Qa5J/tJvg8t7dvh4HpXNGYUvJq/18TmYxY000rlbXUQfJ2LV8KEwZHGcqX2VCv6QR +X5IB4o/P+a3ZCVm5Xn4iI7sKgU9krkZKbhQY2Vmj5TNRzx9o2cBwyMxAZEHgTZqgkIM l9Nz8iQVZGDzsPgZsUaG+wtNYEibFxrei+PIvOcUfvaKYzUcVI9PtvXCD2TKpkFdS4XT oOE4gEsBw3MPsvlf5idq5NvK4WdnZZLo2Lgoov1vqbK8mFDI2DQd8p6B8N9d+E5x9bKZ kfSA==
X-Gm-Message-State: ALoCoQmI608kMhL5id3T+kzFisCct78Q14o45MOTWEt+UKpWzbIES0orAZtTw9/RpwOu5dKJ2LiN
X-Received: by 10.107.41.11 with SMTP id p11mr21510708iop.148.1437212317964; Sat, 18 Jul 2015 02:38:37 -0700 (PDT)
Received: from mail-ig0-f179.google.com (mail-ig0-f179.google.com. [209.85.213.179]) by smtp.gmail.com with ESMTPSA id l62sm9267650iol.36.2015.07.18.02.38.36 for <rtcweb@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 18 Jul 2015 02:38:36 -0700 (PDT)
Received: by iggf3 with SMTP id f3so52470279igg.1 for <rtcweb@ietf.org>; Sat, 18 Jul 2015 02:38:35 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.107.7.214 with SMTP id g83mr26437548ioi.28.1437212315614; Sat, 18 Jul 2015 02:38:35 -0700 (PDT)
Received: by 10.36.89.70 with HTTP; Sat, 18 Jul 2015 02:38:35 -0700 (PDT)
In-Reply-To: <CABkgnnWERM4oxozNCSvRf1o0Wm-d9Bjw=9B+xh_NJ+h6GfBJ6Q@mail.gmail.com>
References: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com> <CAOJ7v-0UBGtP0-atxP7X4OTj-H6Lost5o42aAS65mA6CEqcQsw@mail.gmail.com> <CA+65OsrhXHK+cRAFLCZFt+34vr8eRhj+CN3DgznUBfSwmWYggw@mail.gmail.com> <CAOJ7v-24VCW6kkn7LOLkqZzhYEU0r=nmd_F7Zns1rnyqKN6xAg@mail.gmail.com> <55A95364.2070806@gmail.com> <CAOJ7v-3t9BQabR2e4EHs4G0Sec4sU9DFC2aiSXXYrat+an+RYg@mail.gmail.com> <55A96DA3.1040907@gmail.com> <CAOJ7v-1ui7349NzK6NZNRHPbnHWZajctk4cDgMKqRZSv47EYdA@mail.gmail.com> <55A9860D.8030903@gmail.com> <CAOJ7v-3LGd32rnpFVW_U0s3+iVaJXsL4vt_YAo=cyp6YyOArdw@mail.gmail.com> <CALiegfmiS18Jux-kCgOhTKKiyGtMertj6xCegpFrox5NOf9EJg@mail.gmail.com> <CABkgnnW0Tmjqz823vKiF84_u6HasBJC7ERMYCO2HL_NPj5saTA@mail.gmail.com> <CALiegfkpbLy1QXxr-RRF0oOpVv1sWsFeab=vvC4iT4DnPtjKQw@mail.gmail.com> <CABkgnnVWcuhX2NjZgx87L+Uo6df6rEBWW73cxbaX3mu_VfHmCA@mail.gmail.com> <CALiegfkQWAn-jMrjhcDPA3rtowOPVk-S8z3c-jvjpNmjtf=3hA@mail.gmail.com> <CABkgnnWERM4oxozNCSvRf1o0Wm-d9Bjw=9B+xh_NJ+h6GfBJ6Q@mail.gmail.com>
Date: Sat, 18 Jul 2015 05:38:35 -0400
Message-ID: <CAD5OKxt-DZCGFECv2UYH8g0fD6EAk39cdpWD-CsN_ED6L4hfKg@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary="001a113f911c8a0807051b2311f5"
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/XiNa3xZy00DycybRg0fZs2pJxzE>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Please require user consent for data channels
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jul 2015 09:38:40 -0000
On Fri, Jul 17, 2015 at 9:31 PM, Martin Thomson <martin.thomson@gmail.com> wrote: > On Jul 17, 2015 5:01 PM, "Iñaki Baz Castillo" <ibc@aliax.net> wrote: > > > > The point is that you don't even choose the interface. The OS will do > for you. > > The OS can - and frequently does - get that wrong. The default route can > fail when another might succeed. > > You can't allow that to happen if you care about connecting successfully. > Sending data to a particular destination over an interface that is not supposed to be used based on the local routing is definitely something that goes against the local policy and should be discouraged. For instance on a mobile device, not being able to reach a particular STUN/TURN server over WiFi, should not give the browser an automatic permission to send media over cell data interface and generate a huge bill for the customer. Forcibly overwriting default route is something that should need user consent. I understand that we want the call to succeed in as many cases as possible, but blindly assuming that the local routing policy exists for no reason whatsoever is somewhat dangerous. Would it make sense to use the default route when sending BIND requests to the STUN/TURN server and ICE connectivity checks? All the host interfaces, including non-default, should, of cause, be included as targets for remote connectivity checks. An extra option should enable using non-default interfaces to send ICE requests and it should only be enabled if user explicitly agrees to it. Vast majority of users will never need it anyway. Regards, _____________ Roman Shpount
- [rtcweb] Please require user consent for data cha… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Matthew Kaufman
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Lorenzo Miniero
- Re: [rtcweb] Please require user consent for data… Michael Tuexen
- Re: [rtcweb] Please require user consent for data… tim panton
- Re: [rtcweb] Please require user consent for data… Bernard Aboba
- Re: [rtcweb] Please require user consent for data… Matthew Kaufman
- Re: [rtcweb] Please require user consent for data… Timothy B. Terriberry
- Re: [rtcweb] Please require user consent for data… Victor Pascual Avila
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Eric Rescorla
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Stephen Farrell
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Martin Thomson
- Re: [rtcweb] Please require user consent for data… Martin Thomson
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Martin Thomson
- Re: [rtcweb] Please require user consent for data… Harald Alvestrand
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] Please require user consent for data… Harald Alvestrand
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Jonathan Lennox
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Ted Hardie
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Ted Hardie
- Re: [rtcweb] Please require user consent for data… Randell Jesup
- Re: [rtcweb] Please require user consent for data… Roman Shpount