- From: Harald Alvestrand via GitHub <sysbot+gh@w3.org>
- Date: Tue, 10 Nov 2020 19:24:59 +0000
- To: public-webrtc-logs@w3.org
In the particular issue that prompted us to consider this problem (#2534, #2426), the other mitigation that Chrome applied (apart from respecting the Fetch blocked-ports list) was to place an absolute upper bound on the number of ports a browser could open simultaneously. I must admit that I have no idea what the next attack is going to be, so I thought I'd leave it a bit open-ended, just pointing out that "just because you can add a candidate doesn't mean that the browser will try to use that candidate" - especially since the WG recommended failing silently rather than failing with an error. -- GitHub Notification of comment by alvestrand Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2598#issuecomment-724915176 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 10 November 2020 19:25:03 UTC