- From: Keiji Takeda <tkeiji@w3.org>
- Date: Wed, 17 Feb 2016 10:54:56 -0500
- To: norcie@cdt.org, Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
- Cc: "public-privacy@w3.org" <public-privacy@w3.org>, "runnegar@isoc.org" <runnegar@isoc.org>, "tjwhalen@google.com" <tjwhalen@google.com>
Greg, Thank you for sharing your thought. I also have been reviewing the spec and have some points need to be discussed. I feel like WebRTC is defining functions beyond current web security and privacy practices/principles so we need to examine their appropriateness carefully. For example ... - It makes holes in same origin policy. - It reveals client's IP addresses behind VPN or Tor. - It provides more fingerprinting surface to track users. - Most functions are all or nothing(as Greg pointed out) and it is difficult to be conscious unless users intentionally use WebRTC. (Attack can be effective against user who do not use WebRTC.) I may be missing some point but please let me know if I am misunderstanding. Keiji Takeda On 2/16/16 3:35 PM, Greg Norcie wrote: > Hi all, > > I read through the WebRTC 1.0 spec, and I had a few things that jumped out, > would love to hear if the rest of the group agrees/disagrees. > > First, I noticed that the getStats[1] API seems to get a ton of granular > data, some of which could be used to fingerprint users. Do we feel that > this level of granularity is in keeping with previous guidance on > Fingerprinting? [2] > > Along similar lines, I noticed that consent for WebRTC seems to be quite > all or nothing - once granted it seems to be difficult to revoke. > Considering WebRTC can expose a user's local IP, maybe we should recommend > that this consent be easily revocable and visible when in place? > > > This has come up in two different reviews now[3], so we may want to give > some guidance in the privacy questionnaire. (I will be looking at our > current language and drafting some changes later this week) > > [1] https://www.w3.org/TR/webrtc-stats/ > [2] https://w3c.github.io/fingerprinting-guidance/ > [3] The previous being the Permissions UI: > https://www.w3.org/TR/permissions/ > > > /********************************************/ > Greg Norcie (norcie@cdt.org) > Staff Technologist > Center for Democracy & Technology > District of Columbia office > (p) 202-637-9800 > PGP: http://norcie.com/pgp.txt > > > > *CDT's Annual Dinner (Tech Prom) is April 6, 2016. Don't miss out!learn > more at https://cdt.org/annual-dinner <https://cdt.org/annual-dinner>* > /*******************************************/ > > On Mon, Feb 1, 2016 at 5:08 AM, Stefan Håkansson LK < > stefan.lk.hakansson@ericsson.com> wrote: > >> Dear Privacy Interest Group, >> >> The WebRTC Working Group is working toward publishing the WebRTC 1.0 >> specification to Candidate Recommendation and is thus seeking wide >> review on the document: >> >> https://www.w3.org/TR/2016/WD-webrtc-20160128/ >> >> We are particularly interested on feedback on the following aspects from >> PING: >> - the privacy considerations, >> - more specifically, the risks associated with exposing IP addresses as >> part of the establishment of the P2P connection, >> - the privacy properties of the identity verification mechanism, >> - the guarantees provided by isolated mediastreams. >> >> We of course also welcome feedback on any other aspect of the >> specification.. >> >> We would appreciate if that feedback could be provided before the week >> of February 22 where our next meeting in scheduled, and no later than >> March 1st. >> >> If you have any comments, we prefer you submit them as Github issues: >> https://github.com/w3c/webrtc-pc/issues >> Alternatively, you can send your comments by email to public-webrtc@w3.org >> . >> >> Thanks, >> >> For the WebRTC co-chairs, >> Stefan Håkansson >> >> >> >
Received on Wednesday, 17 February 2016 15:55:15 UTC