Re: [rtcweb] draft-schwartz-rtcweb-return
Justin Uberti <juberti@google.com> Thu, 26 March 2015 16:27 UTC
Return-Path: <juberti@google.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9AC491A0469 for <rtcweb@ietfa.amsl.com>; Thu, 26 Mar 2015 09:27:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4vbnO6iB2U90 for <rtcweb@ietfa.amsl.com>; Thu, 26 Mar 2015 09:27:21 -0700 (PDT)
Received: from mail-ig0-x236.google.com (mail-ig0-x236.google.com [IPv6:2607:f8b0:4001:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B84A1A6FF9 for <rtcweb@ietf.org>; Thu, 26 Mar 2015 09:27:20 -0700 (PDT)
Received: by igcxg11 with SMTP id xg11so58685580igc.0 for <rtcweb@ietf.org>; Thu, 26 Mar 2015 09:27:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=weEDotx8QfLzpDiWjvZdOrWcB18h1LNwKPAwAAYbris=; b=eR9vvg3YwEZUxSLJfE1m8Rsnk+fevlqRnBfI+NgnVD/Oa1L0dRgx8DW4GJlIZJ4YOf kuhDJrOdLVcJxzROtJGosHInWtUgd5ZDZbEUA9aauaVlilxfcclze767JERcUMi1HEkY 2BNbrkxGm6bTvUHUSfyLjhNmKSp+aUb/jF/tFj1HviEfC+7HZRhkaRqFNEfxemoPmMQN o1GsEcEKDkLfOmA5x4HH/bSiDyFxlApsUg4u2YvPYHOdjl4/l9+uqu5OyvcX/5p/LOGW VAAd34sMvdkZjO9dmFZyu70nJs0+BHnvcsNkRBnQEwjSA2zSGPmVPnewnH1Rko+ZwuS6 SHgA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=weEDotx8QfLzpDiWjvZdOrWcB18h1LNwKPAwAAYbris=; b=fsf99OA+VeuEy3MM0JJn8tTUaLzWpk3e6OwDtOE7rQtaKojs/jxJqnCZbiElAH9mqm l/PSslDH1C1sa48brX40IalPH0fPY8jrB7rLa82VutnUwjqBwTiMt/kxkrpATV6x7l5U qNNsCWGW13gtOx0whnGE7XCYBSE6KFR/i68P45g+bOXbUYSZMRKztBBtYaoApIzWVkl+ kgSmswaFhe0MTMfkeDxK6Xw9GKfOERUpV1vcnUMxrkzt8mgSsXpIy9gelXQvu8+wimiS wLww02wW+r5hYHXSzmw00dD/C76anDAdgFA5SmziAH0H0GW59B6ArUREGr07gxVJHfch MfTg==
X-Gm-Message-State: ALoCoQn5uKti0k7UMUH6JuBMNvif6hHgCXpPcAIGdqPx81jFfuECgOuTP0AQHz0SMjKUk6r4HgQb
X-Received: by 10.42.93.83 with SMTP id w19mr39191531icm.37.1427387239677; Thu, 26 Mar 2015 09:27:19 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.64.42 with HTTP; Thu, 26 Mar 2015 09:26:59 -0700 (PDT)
In-Reply-To: <CAHbrMsDS7a55pNOJCye8TYV6Ks6O3bgDZ9FBYZPPi-c5Q9rCyw@mail.gmail.com>
References: <9DA8307B-263C-4951-A55C-36B42D27C08B@cisco.com> <CAHbrMsDS7a55pNOJCye8TYV6Ks6O3bgDZ9FBYZPPi-c5Q9rCyw@mail.gmail.com>
From: Justin Uberti <juberti@google.com>
Date: Thu, 26 Mar 2015 11:26:59 -0500
Message-ID: <CAOJ7v-0uC5n5c_vtX6dWceVSxTQRhzO=t0-CKMJoYP35_aMS+Q@mail.gmail.com>
To: Benjamin Schwartz <bemasc@webrtc.org>
Content-Type: multipart/alternative; boundary="90e6ba614aa260ede90512337d72"
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/eCM9AgyZQfJZTf2Y9uQD77ALXfQ>
Cc: Cullen Jennings <fluffy@cisco.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] draft-schwartz-rtcweb-return
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Mar 2015 16:27:22 -0000
On Thu, Mar 26, 2015 at 10:51 AM, Benjamin Schwartz <bemasc@webrtc.org> wrote: > On Thu, Mar 26, 2015 at 11:20 AM, Cullen Jennings <fluffy@cisco.com> > wrote: > >> I'd like to point out that the combination of >> ietf-tram-turn-server-discovery and draft-schwartz-rtcweb-return allow any >> network you are connected to more or less MITM your media and do things >> like rate limit it, generate analytics on who you are talking to, force >> your traffic through an intermediary that is in a different legal >> jurisdiction and so on. >> > > This is true on any network, right? If you can do NAT, you can do all of > those things. > > >> They are also not clear on how the browser gets the credentials to use >> the discovered TURN server. This seems like a major lacking before we can >> significantly discuss this. >> > > I agree that turn-server-discovery should address this. > This is an extant problem for HTTP proxies, not unique to this solution (and hasn't been a blocking issue there) > > >> As we have seen from the google proxy deployments, enough revenue can be >> generated from this relaying info to pay for the relay. I'm not keen on >> that happening automatically with no user consent or awareness. > > > It's already happening automatically, since 1999, thanks to WPAD, which > allows the network to automatically configure proxies for all web traffic > with no user intervention on all major browsers. > I don't buy the revenue argument in this context. There is no cleartext data to analyze. > > But I don't get how this will work for enterprise deployments - It's just >> very unclear how the JS would end with the appropriate set of TURN servers >> to use. >> > > It would be helpful if you could point to text that you think is unclear. > JS doesn't get these TURN servers, the browser does and applies them the same way it does HTTPS/SOCKS proxies. > > >> >> >> >> _______________________________________________ >> rtcweb mailing list >> rtcweb@ietf.org >> https://www.ietf.org/mailman/listinfo/rtcweb >> > > > _______________________________________________ > rtcweb mailing list > rtcweb@ietf.org > https://www.ietf.org/mailman/listinfo/rtcweb > >
- [rtcweb] draft-schwartz-rtcweb-return Cullen Jennings
- Re: [rtcweb] draft-schwartz-rtcweb-return Benjamin Schwartz
- Re: [rtcweb] draft-schwartz-rtcweb-return Alan Johnston
- Re: [rtcweb] draft-schwartz-rtcweb-return Justin Uberti
- Re: [rtcweb] draft-schwartz-rtcweb-return Prashanth Patil (praspati)
- Re: [rtcweb] draft-schwartz-rtcweb-return Hutton, Andrew
- Re: [rtcweb] draft-schwartz-rtcweb-return Cullen Jennings (fluffy)
- Re: [rtcweb] draft-schwartz-rtcweb-return Justin Uberti
- Re: [rtcweb] draft-schwartz-rtcweb-return Hutton, Andrew