Re: [rtcweb] Security implications of host candidates
Martin Thomson <martin.thomson@gmail.com> Mon, 09 July 2018 22:42 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE6C7127333 for <rtcweb@ietfa.amsl.com>; Mon, 9 Jul 2018 15:42:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bhg4WNQ9f6nq for <rtcweb@ietfa.amsl.com>; Mon, 9 Jul 2018 15:42:49 -0700 (PDT)
Received: from mail-oi0-x22b.google.com (mail-oi0-x22b.google.com [IPv6:2607:f8b0:4003:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A32A2130DF0 for <rtcweb@ietf.org>; Mon, 9 Jul 2018 15:42:49 -0700 (PDT)
Received: by mail-oi0-x22b.google.com with SMTP id b15-v6so38942921oib.10 for <rtcweb@ietf.org>; Mon, 09 Jul 2018 15:42:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=lthKU+RKXLIbHTpid8p0a1+hTxoNGPKZ1vtlUDtBxgs=; b=gBYmrlRdNsti3nZGj2pNfmfpGPAfn2mNLh3lPru5Elvd7xky29o+G+p2s/RKGDY5qP AEARX1Fao5xZ5jkdO9BiBiCpYQRDMg9Mawd2ECRikAf6cHUMyzYZQueOAEXbqaH3DZYG qo0x3mQ29XgBShQntTSHXi46HvzGvcW+vMddnIqPXVYBWdulf8lMzIbVN4LC8r/C0lab HBWjUj0ecRK6h7ZwepFU+h7EzzoODKOGnhLAO66KRPuutmQfa4DusZQdD4PFpXqTMvao 0lf8COugTvlO6MTqVWSexwgjN+ZgpQLGE+JECidd6OrwAZKIQW4Bk2zE1Wg75bkZXrPV iHYA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=lthKU+RKXLIbHTpid8p0a1+hTxoNGPKZ1vtlUDtBxgs=; b=KgNtbiyiF9yelZM3Cn5GPqrCaMFeU5kAVQ//loEEUjeu53zhCWO/5r5C5Vu7pYWXkk muO6NNWupTmBUmZSnh/gM+7HopjB2wsMqNpaS8TKyRWyf4dFJ3HOodiJBXLNQddgg3Yd 1v7FqXEZ8obUwowkdKVq7S4+UwBgQHLKfAY/8zhyNo6QM7K2j5njNzp+/FpsVHuot5XD AUFNtLnuOYOrTqw6hPoar9LAJYTMEbXv5i+/252QouII46BzllmDA6gmelkjyVdt1Qf+ Gq7uOCnsVz6zRsUtDaKwRlflUJOJGU7ixc+MYvGk6pCNNaO5Ak42M5Q/jsgILf13qvtO klfw==
X-Gm-Message-State: APt69E2M1z/bOdzbXRQdzYTFh1XuTsj4Qek1eZT5ldOvYBYnkrITBBTJ AKb8KV1nC1aCBUGN6948iE+/+8KDIaZFAoidblL8sQ==
X-Google-Smtp-Source: AAOMgpeEZTiKsvEnrrpFLuqye2KKcmqjB1GmCKJvsfIBiuQJeV7+7UHVaFHH1tnxy3FBZgotuUSmfXgRMV+FdiWpeEU=
X-Received: by 2002:aca:3d43:: with SMTP id k64-v6mr23678920oia.166.1531176168783; Mon, 09 Jul 2018 15:42:48 -0700 (PDT)
MIME-Version: 1.0
References: <CAOJ7v-1t_BDEEHmA4eqiS9ksYOOyHUz9LFLhQxs8FhjTdswP5w@mail.gmail.com> <CANN+akZLRdZdexjU44zPCA6vdQR0hVYT17_4P8DefC0JbRL5mA@mail.gmail.com> <CAOJ7v-2JdiMJ9iWE_cL8G7xDM6iekexJL8KLEbz0jD=p7hiGZg@mail.gmail.com> <CANN+akbv2mpyhgV5vxDHKcsA8UPsSEr0bEjJK4xYxtvbkXNA7w@mail.gmail.com> <CAOJ7v-3gHMCxHU02YG3NoqvWHtXgOSWSm+y88GNDW0qc=Sqq=A@mail.gmail.com> <CAOJ7v-3moUqwgxkz1Fek4vy-XV+WpDaO-PsQZEw4ougoCHjLww@mail.gmail.com> <CANN+akZ=Ebw41mA2wEX7-4u6q5WcZbFtM=VMLX4nDK39S=QGOQ@mail.gmail.com> <CAOJ7v-3X2Sj8Yid+i0=xadyH_Hmf4pMOF_iuOV+56Ty8HNnJuw@mail.gmail.com> <0ED74BE5-AC02-44C5-80E1-18532BD3D1FF@westhawk.co.uk> <CAOJ7v-0TGqvp=MUmeEUjYZTcvV37qbYSTV0pFMoi1J0CJQ7Q4A@mail.gmail.com> <CABkgnnXBTC5TERquJPO4dgiAKz037Cm0Omw4YrobtCW=wmGPyQ@mail.gmail.com> <CAOJ7v-0yzvu9POvR4Auokykqc63eju6_CveAzyVpcSd1kkK6Nw@mail.gmail.com> <CABkgnnXL6sdCDt=hjX+7KbP+xYm9jCmgjJNy4CvPPna_0oin=g@mail.gmail.com> <CAOJ7v-33ODGTsmbHEp_U7UdROvuKR7O7bne2_0tX6ivVf-+C5A@mail.gmail.com>
In-Reply-To: <CAOJ7v-33ODGTsmbHEp_U7UdROvuKR7O7bne2_0tX6ivVf-+C5A@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Tue, 10 Jul 2018 08:42:36 +1000
Message-ID: <CABkgnnWJM4CE2ZLHYOOd=VYUj7kn5wFMAbeGB1HRyp++nvbPoQ@mail.gmail.com>
To: Justin Uberti <juberti@google.com>
Cc: tim panton <thp@westhawk.co.uk>, RTCWeb IETF <rtcweb@ietf.org>, youenn fablet <yfablet@apple.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/vIg9aFQ4JdBwoxavqNUVDrfHoIc>
Subject: Re: [rtcweb] Security implications of host candidates
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 22:42:53 -0000
On Tue, Jul 10, 2018 at 8:19 AM Justin Uberti <juberti@google.com> wrote: > Well, Tor browser would really need all WebRTC traffic to flow through Tor, to prevent linking sessions via the srflx IPs. The anonymity set would be the hosts on the same exit node, which I assume is >1. More to the point, different top-level contexts use different circuits, and therefore (likely) different exits. IOW, as proposed, the linking there is fine. > But let me get to the point. Adding the limitations discussed for .local has minimal downside, but what, if anything, should we do with IPv6 host candidates? If we decide that we want to prevent host-host IPv6 connections, there will be implications for datachannel applications. I don't think that we should treat v6 specially here. If it is a host candidate, use mDNS or don't provide it. That avoids making a judgment about the relative prevalence of v6 NAT and other such things.
- Re: [rtcweb] Security implications of host candid… westhawk
- Re: [rtcweb] Security implications of host candid… Harald Alvestrand
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Martin Thomson
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… youenn fablet
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Martin Thomson
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Martin Thomson
- Re: [rtcweb] Security implications of host candid… Feross Aboukhadijeh
- [rtcweb] Security implications of host candidates Justin Uberti
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… youenn fablet
- Re: [rtcweb] Security implications of host candid… youenn fablet
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… youenn fablet
- Re: [rtcweb] Security implications of host candid… Lennart Grahl
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Harald Alvestrand
- Re: [rtcweb] Security implications of host candid… youenn fablet
- Re: [rtcweb] Security implications of host candid… Justin Uberti
- Re: [rtcweb] Security implications of host candid… Manuel Kasper
- Re: [rtcweb] Security implications of host candid… Nils Ohlmeier
- Re: [rtcweb] Security implications of host candid… Justin Uberti