Re: [rtcweb] Same location media
Eric Rescorla <ekr@rtfm.com> Thu, 20 October 2011 16:31 UTC
On Thu, Oct 20, 2011 at 9:27 AM, Roman Shpount <roman@telurix.com> wrote:
> 3. There is still a security issue with ICE: we validate that STUN request
> can be processed, but not that the media actually should be accepted from
> this application. In some sense, current Flash cross domain policies are
> stricter, since they not only validate that media is acceptable at this IP
> but that it is acceptable from the app served from particular server.

Unless I'm confused, you get a similar check with ICE because the target
needs not only to respond to STUN in general but also to STUN with
particular credentials, which means that the target can enforce that only
specific sites get those credentials.

-Ekr
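
The credential check described in the reply above, as an added example that is not part of the original message or of any implementation discussed on the list: a target accepts a STUN Binding request only when its MESSAGE-INTEGRITY attribute verifies under the target's own ICE password (RFC 5389 short-term credentials). The ufrag and password values are constructed; ASCII passwords are assumed (no SASLprep) and FINGERPRINT is omitted.

```python
import hashlib
import hmac
import os
import struct

MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST, ATTR_USERNAME, ATTR_MESSAGE_INTEGRITY = 0x0001, 0x0006, 0x0008

def attr(attr_type, value):
    # STUN attributes are type, length, value, padded to a 32-bit boundary
    return struct.pack("!HH", attr_type, len(value)) + value + b"\x00" * (-len(value) % 4)

def integrity_mac(key, msg_before_mi):
    # HMAC-SHA1 over everything before MESSAGE-INTEGRITY, with the header
    # length field set as if the message ended right after that attribute
    length = len(msg_before_mi) - 20 + 24
    adjusted = msg_before_mi[:2] + struct.pack("!H", length) + msg_before_mi[4:]
    return hmac.new(key, adjusted, hashlib.sha1).digest()

def build_binding_request(username, password, txid=None):
    # Sender side: only a party that was handed the target's password can do this
    txid = txid or os.urandom(12)
    body = attr(ATTR_USERNAME, username.encode())
    head = struct.pack("!HHI", BINDING_REQUEST, len(body) + 24, MAGIC_COOKIE) + txid
    mac = integrity_mac(password.encode(), head + body)
    return head + body + attr(ATTR_MESSAGE_INTEGRITY, mac)

def accept_binding_request(packet, local_ufrag, local_pwd):
    """Target side: True only for our ufrag plus a valid MAC under our password."""
    if len(packet) < 20:
        return False
    msg_type, length, cookie = struct.unpack("!HHI", packet[:8])
    if msg_type != BINDING_REQUEST or cookie != MAGIC_COOKIE or length != len(packet) - 20:
        return False
    offset, username = 20, None
    while offset + 4 <= len(packet):
        attr_type, attr_len = struct.unpack("!HH", packet[offset:offset + 4])
        value = packet[offset + 4:offset + 4 + attr_len]
        if attr_type == ATTR_USERNAME:
            username = value.decode("utf-8", "replace")
        elif attr_type == ATTR_MESSAGE_INTEGRITY:
            # ICE username is "<target ufrag>:<sender ufrag>"
            if username is None or username.split(":")[0] != local_ufrag:
                return False
            expected = integrity_mac(local_pwd.encode(), packet[:offset])
            return hmac.compare_digest(expected, value)
        offset += 4 + attr_len + (-attr_len) % 4
    return False  # no MESSAGE-INTEGRITY present: refuse the unauthenticated check
```

The target decides who learns its ufrag and password through signaling, so a request built with any other password fails the comparison and consent to receive media is never established.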