W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2009


From: Marcin Hanclik <Marcin.Hanclik@access-company.com>
Date: Tue, 27 Oct 2009 15:24:28 +0100
To: public-webapps <public-webapps@w3.org>
Message-ID: <FAA1D89C5BAF1142A74AF116630A9F2C2890D48DEE@OBEEX01.obe.access-company.com>
Hi All,

These are some comments about the requirements for WARP to handle the UPnP traffic.

1.       UPnP uses multicast address

2.       UPnP uses UDP-based HTTP (GENA, SSDP).

3.       The UPnP traffic takes place in local networks (LAN), therefore we shall assume that the host addresses will be from one of the private IP ranges [1]:        -  (10/8 prefix)      -  (172.16/12 prefix)     - (192.168/16 prefix)

a.       We shall be able to assume that all private LANs are configured correctly with the above addresses and exclude other considerations/misconfigurations (alternatively we could mandate checking the DHCP configuration - masks etc. in the host to derive what the local network is, but it may lead us nowhere)

4.       It is a security-related decision whether an application / widget may access both the Internet and the LAN network at the same time.

a.       Some interesting use cases may be realized.

                                                               i.      E.g. storage of the Internet-downloaded content (e.g. XHR's GET) onto UPnP device or e.g. SVN repository in LAN.

b.      Privacy is a concern.


[1] http://tools.ietf.org/html/rfc1918
Marcin Hanclik
ACCESS Systems Germany GmbH
Tel: +49-208-8290-6452  |  Fax: +49-208-8290-6465
Mobile: +49-163-8290-646
E-Mail: marcin.hanclik@access-company.com


Access Systems Germany GmbH
Essener Strasse 5 | D-46047 Oberhausen
HRB 13548 Amtsgericht Duisburg
Geschaeftsfuehrer: Michel Piquemal, Tomonori Watanabe, Yusuke Kanda


This e-mail and any attachments hereto may contain information that is privileged or confidential, and is intended for use only by the
individual or entity to which it is addressed. Any disclosure, copying or distribution of the information by anyone else is strictly prohibited.
If you have received this document in error, please notify us promptly by responding to this e-mail. Thank you.
Received on Tuesday, 27 October 2009 14:25:06 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:20 UTC