- From: Greg Norcie <gnorcie@cdt.org>
- Date: Wed, 17 Feb 2016 12:08:45 -0500
- To: Keiji Takeda <tkeiji@w3.org>
- Cc: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>, "public-privacy@w3.org" <public-privacy@w3.org>, "runnegar@isoc.org" <runnegar@isoc.org>, "tjwhalen@google.com" <tjwhalen@google.com>
- Message-ID: <CAMJgV7ZQwC9qz+rUQcsvkzc2SJz0CShS1vvR4aMJ4JoRHn7XAw@mail.gmail.com>
I don't think you're misunderstanding, these all seem like valid points :) Looking forward to discussing! /********************************************/ Greg Norcie (norcie@cdt.org) Staff Technologist Center for Democracy & Technology District of Columbia office (p) 202-637-9800 PGP: http://norcie.com/pgp.txt *CDT's Annual Dinner (Tech Prom) is April 6, 2016. Don't miss out!learn more at https://cdt.org/annual-dinner <https://cdt.org/annual-dinner>* /*******************************************/ On Wed, Feb 17, 2016 at 10:54 AM, Keiji Takeda <tkeiji@w3.org> wrote: > Greg, > > Thank you for sharing your thought. > > I also have been reviewing the spec and have some points need to be > discussed. > > I feel like WebRTC is defining functions beyond current web security and > privacy practices/principles so we need to examine their appropriateness > carefully. > > For example ... > > - It makes holes in same origin policy. > - It reveals client's IP addresses behind VPN or Tor. > - It provides more fingerprinting surface to track users. > - Most functions are all or nothing(as Greg pointed out) and it is > difficult to be conscious unless users intentionally use WebRTC. > (Attack can be effective against user who do not use WebRTC.) > > I may be missing some point but please let me know if I am > misunderstanding. > > Keiji Takeda > > > On 2/16/16 3:35 PM, Greg Norcie wrote: > >> Hi all, >> >> I read through the WebRTC 1.0 spec, and I had a few things that jumped >> out, >> would love to hear if the rest of the group agrees/disagrees. >> >> First, I noticed that the getStats[1] API seems to get a ton of granular >> data, some of which could be used to fingerprint users. Do we feel that >> this level of granularity is in keeping with previous guidance on >> Fingerprinting? [2] >> >> Along similar lines, I noticed that consent for WebRTC seems to be quite >> all or nothing - once granted it seems to be difficult to revoke. >> Considering WebRTC can expose a user's local IP, maybe we should recommend >> that this consent be easily revocable and visible when in place? >> >> >> This has come up in two different reviews now[3], so we may want to give >> some guidance in the privacy questionnaire. (I will be looking at our >> current language and drafting some changes later this week) >> >> [1] https://www.w3.org/TR/webrtc-stats/ >> [2] https://w3c.github.io/fingerprinting-guidance/ >> [3] The previous being the Permissions UI: >> https://www.w3.org/TR/permissions/ >> >> >> /********************************************/ >> Greg Norcie (norcie@cdt.org) >> Staff Technologist >> Center for Democracy & Technology >> District of Columbia office >> (p) 202-637-9800 >> PGP: http://norcie.com/pgp.txt >> >> >> >> *CDT's Annual Dinner (Tech Prom) is April 6, 2016. Don't miss out!learn >> more at https://cdt.org/annual-dinner <https://cdt.org/annual-dinner>* >> >> /*******************************************/ >> >> On Mon, Feb 1, 2016 at 5:08 AM, Stefan Håkansson LK < >> stefan.lk.hakansson@ericsson.com> wrote: >> >> Dear Privacy Interest Group, >>> >>> The WebRTC Working Group is working toward publishing the WebRTC 1.0 >>> specification to Candidate Recommendation and is thus seeking wide >>> review on the document: >>> >>> https://www.w3.org/TR/2016/WD-webrtc-20160128/ >>> >>> We are particularly interested on feedback on the following aspects from >>> PING: >>> - the privacy considerations, >>> - more specifically, the risks associated with exposing IP addresses as >>> part of the establishment of the P2P connection, >>> - the privacy properties of the identity verification mechanism, >>> - the guarantees provided by isolated mediastreams. >>> >>> We of course also welcome feedback on any other aspect of the >>> specification.. >>> >>> We would appreciate if that feedback could be provided before the week >>> of February 22 where our next meeting in scheduled, and no later than >>> March 1st. >>> >>> If you have any comments, we prefer you submit them as Github issues: >>> https://github.com/w3c/webrtc-pc/issues >>> Alternatively, you can send your comments by email to >>> public-webrtc@w3.org >>> . >>> >>> Thanks, >>> >>> For the WebRTC co-chairs, >>> Stefan Håkansson >>> >>> >>> >>> >>
Received on Wednesday, 17 February 2016 17:09:34 UTC