IETF Logo Mail Archive

[rtcweb] Review of draft-ietf-rtcweb-mdns-ice-candidates

Bernard Aboba <bernard.aboba@gmail.com> Fri, 14 September 2018 07:09 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C083130DDB for <rtcweb@ietfa.amsl.com>; Fri, 14 Sep 2018 00:09:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l2ShKgpo19VS for <rtcweb@ietfa.amsl.com>; Fri, 14 Sep 2018 00:09:51 -0700 (PDT)
Received: from mail-ua1-x936.google.com (mail-ua1-x936.google.com [IPv6:2607:f8b0:4864:20::936]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03658130DD2 for <rtcweb@ietf.org>; Fri, 14 Sep 2018 00:09:51 -0700 (PDT)
Received: by mail-ua1-x936.google.com with SMTP id 101-v6so6593737uav.7 for <rtcweb@ietf.org>; Fri, 14 Sep 2018 00:09:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=nO39EqyYpLT55u5NrbMhxBsLu/CCw3AAy+cvkATzMHo=; b=NzzwsoEUCqudDPvP3Cl7yjN1pQvvatGJYnADGxFwaySUPBcWAOrVIso++lTnkOYNnI KjWQhT+YucdTOVtlgtbLDdNPdo1Wis9vsSzB1WcXymXWKkVz0GtvTuZ3omPzx+3z1oUd lQsE2asQb3M7NG6/oHcIydx8XEmTqYtJzLOVAwJL+u0WQ9HjMOVTNsGQL8yadokNKKRo p0SRFNBf/Omgg075DxGGJMM0ZklDn2HGosXZAv2ELHn6fRraJT5ArzPhfL81qSxMQV9T o4re3gVVooa+u6AS0kvR5rss/6D+tHye6QE6tt75rdD4uc4tbiWRgtxCmJpBXemnEi3X sOGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=nO39EqyYpLT55u5NrbMhxBsLu/CCw3AAy+cvkATzMHo=; b=K+9asP96lzPV4uqWxBpvmyziy7+ffWJOcVdfuESZeGh9hKJ+TtAOUJrrqRKmnI5MOU x/huLxZrgil4wiJTakGMIzeaqeM1beu4QRHyNIqNz1xCKevNkZ1KnE+r1PwDshlTJEYr MH4DGcL8YSdX9hx8BxaH/4RSAvyMu9wuNCNU15VNz17S3LkmI1AHwEk5Zuj9rYf61e5k y+u4nH4WSXDuFKt8tyEIutRYwLoTyHaDsukaOKrz3LWaPKbUtFX8gyk4Vwx5hgRRbIBf eIqrJy6unglDG+rQXfIYGR7myVJVhN2ASwCkzSOk7kiOojIErzEgdN+b29Wjye9eb8Mq aDSg==
X-Gm-Message-State: APzg51B/N63waej9Sba/csAVnVOD4u+/ntcEdGjOUJikVgGpAZNl+s3W /yzx0M1xAzO2ikCQBYaUDOuHV2dSRanPiEvoRph1Y3p0
X-Google-Smtp-Source: ANB0VdZLZEeolEBUMZ6MuApKdaFvVMvulCKFlUN7JYHTf+PGuCcog9XdyYUfp0DohwxDXS2alNjKfcXWryvx2u+DLp4=
X-Received: by 2002:ab0:59c2:: with SMTP id k2-v6mr3687227uad.124.1536908989720; Fri, 14 Sep 2018 00:09:49 -0700 (PDT)
MIME-Version: 1.0
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Fri, 14 Sep 2018 00:09:38 -0700
Message-ID: <CAOW+2dtkNjzS0DkD37SD=POtC2Nd6Xe=upyjvVoyBnnMw7qwbQ@mail.gmail.com>
To: RTCWeb IETF <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000626c8d0575cf82f4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/o2QLRUDqSoPEIc-Pv2QuMc-emAA>
Subject: [rtcweb] Review of draft-ietf-rtcweb-mdns-ice-candidates
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Sep 2018 07:09:53 -0000

While I understand the overall goal of this document,  it strikes me as
suffering from two major problems:

a. Introduction of backwards compatibility problems and potential
additional delays due to utilization of name resolution mechanisms in ICE,
with a corresponding benefit (successful connectivity checks between host
candidates on the same network) which is only a marginal improvement over
mode 3 (no host candidates).

b. Over-reliance on permission mechanisms which have already been stretched
to the breaking point, leaving the potential for collateral damage in data
channel-only scenarios. Due to limitations in the current permissions
mechanisms, it is not currently practically impossible to distinguish
legitimate data channel applications that would obtain permissions if there
were usable means to do so from illegitimate applications attempting to
compromise user privacy.

Data-channel only scenarios that would be impacted include those where:

1. Permissions cannot be obtained (e.g. where there is no microphone or
camera attached to the device so that getUserMedia will always fail).

2. Low latency communications is a requirement so that TURN server
traversal is unacceptable (e.g. in financial applications where there may
be regulatory requirements relating to allowable delays).

3. TURN traversal would impose an unacceptable financial cost, such as in
branch office scenarios where a TURN servers is not provided in each branch
office, and branch office connectivity may be constrained (still an issue
for branch offices located on other continents).

Essentially, the problem is that these scenarios may have valid reasons why
they cannot utilize or do not wish to utilize getUserMedia as a
permission-granting mechanism.

v2.23.0 | Report a Bug | By Email