IETF Logo Mail Archive

Re: [rtcweb] Please require user consent for data channels

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Sun, 19 July 2015 06:06 UTC

Return-Path: <tireddy@cisco.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF02C1A0056 for <rtcweb@ietfa.amsl.com>; Sat, 18 Jul 2015 23:06:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.211
X-Spam-Level:
X-Spam-Status: No, score=-14.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8wOmTnoCVRVD for <rtcweb@ietfa.amsl.com>; Sat, 18 Jul 2015 23:06:30 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D96EB1A0055 for <rtcweb@ietf.org>; Sat, 18 Jul 2015 23:06:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4114; q=dns/txt; s=iport; t=1437285989; x=1438495589; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=m8WvKWRZpq3rjO0pLUELPC7jaJKpuofYA4cNN7TlM30=; b=ApCLAaRlmLPw2BN4NpSGl2Ajb/HkjvMA7trLPG7JGeYI1Qa2D7MI57Mg tLhJkZGdAKORsGL5Nr5mFkXXsV0/nkZsAli+XYH0bfFA7lzVkA/jHF0JI xqQjuyG4NMSRZH7+YxkW6AA807leEY/ziCHPE0Lubx6X0y3JNbxiLx2Cl Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CeAwDvPatV/4ENJK1bgxNUaQaDHbhDCYFrCoUtSgIcgQE4FAEBAQEBAQGBCoQjAQEBAwEBAQEgEToLDAQCAQgOAwQBAQMCBh0DAgICJQsUAQgIAgQBDQUIiB4IDbV9lTMBAQEBAQEBAQEBAQEBAQEBAQEBAQETBIEiiiqEOxoWGwcGgmIvgRQFlFIBhG6IdYQakyomghIXgVNvAYFGgQQBAQE
X-IronPort-AV: E=Sophos;i="5.15,502,1432598400"; d="scan'208";a="11021493"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by rcdn-iport-9.cisco.com with ESMTP; 19 Jul 2015 06:06:28 +0000
Received: from xhc-rcd-x07.cisco.com (xhc-rcd-x07.cisco.com [173.37.183.81]) by alln-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id t6J66SVM017796 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Sun, 19 Jul 2015 06:06:28 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.123]) by xhc-rcd-x07.cisco.com ([173.37.183.81]) with mapi id 14.03.0195.001; Sun, 19 Jul 2015 01:06:28 -0500
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: Simon Perreault <sperreault@jive.com>, Iñaki Baz Castillo <ibc@aliax.net>, Roman Shpount <roman@telurix.com>
Thread-Topic: [rtcweb] Please require user consent for data channels
Thread-Index: AQHQu/izWohR92uoXEOLCR4wOYsJlp3gUf+AgAAE9YCAAAPXAIAACd0AgAAUy4CAAAp/gIAACqEAgAASeYCAAAY4AIAABvcAgAAB2YCAAAHDgIAAApCAgAABD4CAABlagIAAiBiAgAAGYwCAALfQAIAAQehQ
Date: Sun, 19 Jul 2015 06:06:28 +0000
Message-ID: <913383AAA69FF945B8F946018B75898A47894E34@xmb-rcd-x10.cisco.com>
References: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com> <CAOJ7v-24VCW6kkn7LOLkqZzhYEU0r=nmd_F7Zns1rnyqKN6xAg@mail.gmail.com> <55A95364.2070806@gmail.com> <CAOJ7v-3t9BQabR2e4EHs4G0Sec4sU9DFC2aiSXXYrat+an+RYg@mail.gmail.com> <55A96DA3.1040907@gmail.com> <CAOJ7v-1ui7349NzK6NZNRHPbnHWZajctk4cDgMKqRZSv47EYdA@mail.gmail.com> <55A9860D.8030903@gmail.com> <CAOJ7v-3LGd32rnpFVW_U0s3+iVaJXsL4vt_YAo=cyp6YyOArdw@mail.gmail.com> <CALiegfmiS18Jux-kCgOhTKKiyGtMertj6xCegpFrox5NOf9EJg@mail.gmail.com> <CABkgnnW0Tmjqz823vKiF84_u6HasBJC7ERMYCO2HL_NPj5saTA@mail.gmail.com> <CALiegfkpbLy1QXxr-RRF0oOpVv1sWsFeab=vvC4iT4DnPtjKQw@mail.gmail.com> <CABkgnnVWcuhX2NjZgx87L+Uo6df6rEBWW73cxbaX3mu_VfHmCA@mail.gmail.com> <CALiegfkQWAn-jMrjhcDPA3rtowOPVk-S8z3c-jvjpNmjtf=3hA@mail.gmail.com> <CABkgnnWERM4oxozNCSvRf1o0Wm-d9Bjw=9B+xh_NJ+h6GfBJ6Q@mail.gmail.com> <CAD5OKxt-DZCGFECv2UYH8g0fD6EAk39cdpWD-CsN_ED6L4hfKg@mail.gmail.com> <CALiegf=zM54gNjgj65VYV5H3tS-iV5Kg0PrBeF7svYRYZ-JLPw@mail.gmail.com> <55AABE28.8070105@jive.com>
In-Reply-To: <55AABE28.8070105@jive.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.32.139]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/yNdtRTvlajUCYbg1I7-m0u6Qqqs>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Please require user consent for data channels
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Jul 2015 06:06:31 -0000

> -----Original Message-----
> From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Simon Perreault
> Sent: Sunday, July 19, 2015 2:29 AM
> To: Iñaki Baz Castillo; Roman Shpount
> Cc: rtcweb@ietf.org
> Subject: Re: [rtcweb] Please require user consent for data channels
> 
> Le 2015-07-18 06:01, Iñaki Baz Castillo a écrit :
> > 2015-07-18 11:38 GMT+02:00 Roman Shpount <roman@telurix.com>:
> >> Sending data to a particular destination over an interface that is
> >> not supposed to be used based on the local routing is definitely
> >> something that goes against the local policy and should be
> >> discouraged. For instance on a mobile device, not being able to reach
> >> a particular STUN/TURN server over WiFi, should not give the browser
> >> an automatic permission to send media over cell data interface and
> >> generate a huge bill for the customer. Forcibly overwriting default
> >> route is something that should need user consent. I understand that
> >> we want the call to succeed in as many cases as possible, but blindly
> >> assuming that the local routing policy exists for no reason whatsoever is
> somewhat dangerous.
> >
> > +1
> 
> -1
> 
> Justin and Martin are right.
> 
> This is a concept that was explained during the ICE tutorial that was presented
> at IETF 92.
> 
> Imagine the following multihomed host with three interfaces:
> 
> - Wi-fi interface with default route.
> - Wired interface with default route.
> - VPN interface with default route.
> 
> Which one should you use to talk to the STUN/TURN server? If you bind to
> 0.0.0.0 then the kernel *will* pick one, but only because it *has to.
> All three interfaces are equivalent: they all have a default route and can a priori
> be used to talk to the server.
> 
> Being multihomed means multiple interfaces with a default route. There's no
> "going against the local policy" in this case when sending packets on any
> interface.
> 
> The point is that in this case, all three interfaces can potentially yield different
> server-reflexive candidates, which is why they must be gathered separately. As
> for relayed candidates, they also need to be gathered separately because some
> interfaces may be faster for talking to the TURN server and it is useful to
> compare the candidates gathered on all 3 interfaces. Also nothing guarantees
> that you're allowed to reach the server server on any interface that has a
> default route, so you need to try them all.

This will change in the future with multiple provisioning domains (PVD) defined in MIF WG, new socket API will be provided to allow applications to learn about each PVD and use them separately, and as discussed in https://tools.ietf.org/html/rfc7556#section-6.3 application may not override hard set selected by the user.

-Tiru
 
> 
> Simon
> 
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email