Re: webrtc vs socks proxies

Am 10.02.2015 um 08:54 schrieb Benjamin Schwartz:
> As I expect you are aware, the RETURN draft currently contains contrary
> guidance on this point (
> "WebRTC
> browsers MUST by default (i.e. unless deliberately configured otherwise)
> treat SOCKS5 proxies as leaky"

The IETF specifies how browsers behave regarding proxies? Ugh... forget 
I asked :-)

> My expectation is that most proxy users are _not_ using the proxy in an
> attempt to improve their privacy.  Rather, they are using the proxy in an

I tend to disagree, but don't have numbers.

> attempt to improve their ability to access network resources, such as when
> operating on a restricted network or when accessing intranet resources.
> For those users, it would be unexpected and unfortunate if activating the
> proxy made many websites _stop_ working.


> However, the main reason for this recommendation was to maintain
> compatibility with existing browsers, which (as you've noticed) do not
> block UDP when a SOCKS proxy is activated.

Right. Whether this behaviour is what users expect is the question that 
I am raising. The media outcry looks like they did not. Even after 
subtracting the noise.


> P.S. There is also the additional complication that SOCKS proxies are often
> configured by PAC files, which determine proxy settings for each request
> depending on its URL, but RTCPeerConnection objects are not associated with
> a destination URL.

ugh. Good point. Doing this "right" might be a nontrivial effort.

Received on Tuesday, 10 February 2015 20:08:40 UTC