Re: [rtcweb] draft-jesup-rtcweb-data-00 posted

On 10/25/2011 11:31 AM, Hadriel Kaplan wrote:
> On Oct 25, 2011, at 10:20 AM, Eric Rescorla wrote:
>> On Tue, Oct 25, 2011 at 1:02 AM, Hadriel Kaplan<>  wrote:
>>> Req. 8: The data stream transport protocol MUST NOT encode IP addresses inside its protocol fields; doing so reveals potentially private information, and leads to failure if the address is depended upon.
>> I don't really understand what this means. In general, the peer has
>> access to your IP address
>> information from ICE.
>  From a privacy perspective: if a person uses a Web-site designed with privacy/anonymity in mind (e.g., battered-spouse forum), then the site would relay your media-plane stuff through a type of TURN server that does ICE itself both ways.  But if the SCTP layer on top of UDP encodes your local IP using one of the optional SCTP fields in RFC 4960 or 5061, then you lose that anonymity.  Since the SCTP layer is built into the Browser and not under control of the Javascript, a site can't prevent it from revealing that info.

There's a corollary: a user should be able to set their browser and/or 
App to force all incoming calls (and maybe outgoing) through a TURN 
server.  (There may be other uses for this ability, like corporate 
firewall traversal, but the case you mention is one of them).  Witness 
the recent attack on identity info on Skype using call-setup protocols, 
without even decoding them:

In theory it could be more nuanced - direct connections for people in 
your phonebook, or listed as friends, etc.  But that may be too 
confusing for generic users, and too likely to mess up.

This is more likely a W3C issue, so CC-ing that list

Randell Jesup

Received on Thursday, 27 October 2011 19:07:28 UTC