Re: [rtcweb] Please require user consent for data channels

[Roman Shpount <roman@telurix.com>]

On Sun, Jul 19, 2015 at 3:21 AM, Harald Alvestrand <harald@alvestrand.no>
wrote:

> Solutions we engineer MUST work in the current Internet.
>

I agree completely.


> +1 to Simon - the way systems are designed, implemented and deployed
> *now*, there may be multiple interfaces with multiple default addresses,
> and there's nothing intrinsically illegal, immoral or fattening about an
> application accessing them.
>

If a local system administrator set a lower metric to a particular default
(or any other route) vs all the other routes to a certain destination, this
route should be used to reach this destination. This is the normal behavior
for all other network communications from the browser (HTTP. WebSockets, or
even FTP or gopher). With ICE, browsers depart from this model. I
understand that this can enable browsers to set up a WebRTC media
connection where it would not be able to do so otherwise. On other hand
using secondary routes can produce some unexpected results, such as
exposing reflexive addresses on secondary interfaces or sending data over
LTE network when WiFi is available. I think using secondary routes should
only be enabled after user consent or if an appropriate browser setting is
enabled. In wast majority of cases, primary default route is sufficient to
set up the WebRTC connection. My assumption is that using secondary default
routes only improves the chances of connection in extremely small number of
cases. Based on the systems I have worked with, we are talking about less
then 1/10 of the percent of end users.

Regards,
_____________
Roman Shpount