W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > March 2019

Re: [webrtc-pc] RTCIceTransport.getRemoteCandidates() does not return prflx candidates (#2124)

From: docfaraday via GitHub <sysbot+gh@w3.org>
Date: Thu, 21 Mar 2019 14:24:38 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-475249883-1553178277-sysbot+gh@w3.org>
Ok, so the threat model here is that you have a host candidate leaked to JS by having two PCs created on the same browser, and using mDNS. mDNS allows STUN transactions to succeed on host candidates without any host candidates being trickled, so we want to hide them from JS.

I can see the value of hiding this information in this case, but having non-obfuscated prflx candidates available in the stats API for the general case is probably important.

-- 
GitHub Notification of comment by docfaraday
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2124#issuecomment-475249883 using your GitHub account
Received on Thursday, 21 March 2019 14:24:39 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 6 May 2023 21:19:46 UTC