- From: Lennart Grahl via GitHub <sysbot+gh@w3.org>
- Date: Thu, 21 Mar 2019 13:08:37 +0000
- To: public-webrtc-logs@w3.org
We need to be careful to not expose IP addresses that have been hidden via the use of mDNS. Otherwise, one could create two peer connections A and B: 1. Add all candidates from A to B. 2. Filter out all mDNS candidates from B when adding them to A. 3. B will resolve A's concealed IP addresses and start connectivity checks. 4. A will pick them up as prflx candidates, exposing the IP address again. Unless I've missed a mechanism in the mDNS draft (such as an additional STUN attribute). I guess we could just always anonymise/remove IP addresses from prflx candidates before handing them out in stats or any other API surface. -- GitHub Notification of comment by lgrahl Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2124#issuecomment-475221513 using your GitHub account
Received on Thursday, 21 March 2019 13:08:39 UTC