Re: Signaling & peerconnection API questions

On 07/19/11 16:21, Stefan Håkansson LK wrote:
> On 2011-07-18 23:07, Ian Hickson wrote:
>> On Mon, 18 Jul 2011, Prakash wrote:
>>>
>>> Excellent. Thanks Ian. I was most concerned about interop with non
>>> browser/existing systems. If the message is not opaque, then anyone
>>> should be able to translate it if needed.
>>
>> Indeed. Compatibility with SIP in particular was high on my mind when
>> designing this API; the intent is that it should be almost trivial to 
>> do a
>> SIP gateway for this stuff. (I mean, as trivial as this stuff can get,
>> anyway...)
>>
> I wonder, is there a security problem lurking here? According to 
> section 5.1 in <http://tools.ietf.org/html/rfc5245>, the agent should 
> proceed as if the other end does not support ICE if the initial SDP 
> offer indicates so.
>
> So basically the web app could fake an SDP offer (indicating no 
> support of ICE) locally, feed it to a PeerConnection object and then 
> use 'send' to have the browser send data to an IP address and port of 
> its choice (the address/port in the fake SDP).
Yes, we can expect JS that sends SDP offers that aren't at all what 
people expect. Good attack vector to be aware of.

Since we mandate ICE, I think the correct interpretation in a browser of 
"the agent should proceed as if the other end does not support ICE" in 
this context is refusing the call.

>
> This is not at all my area, so apologies up front if I got things wrong.
I think this needs to be remembered in the IETF context, also.

>
> Stefan
>
>

Received on Tuesday, 19 July 2011 14:30:22 UTC