[webrtc-nv-use-cases] Local IP obfuscation (#59)

shacharz has just created a new issue for https://github.com/w3c/webrtc-nv-use-cases:

== Local IP obfuscation ==
Host-to-Host connectivity is essential for use cases like enterprise streaming over large local networks. On the other hand, privacy concerns require that local IPs are not revealed.

A few solutions have been considered:

1. [Limiting the exposed candidates](https://tools.ietf.org/html/draft-ietf-rtcweb-ip-handling-12)
2. [mDNS](https://tools.ietf.org/html/draft-ietf-rtcweb-mdns-ice-candidates-04)
3. [Encrypted ice-candidates](https://tools.ietf.org/html/draft-wang-mmusic-encrypted-ice-candidates-00)

The current status is that Chrome, Edgium, Firefox and Safari are using mDNS hostnames in host candidates and use the mDNS protocol to resolve the local IP. We have seen in multiple corporate networks that this causes significant performance issues due to the inability to connect devices within the corporate network (mostly because of the 1-hop limit).

As an interim solution, Chrome has disabled mDNS in Chrome Enterprise deployments and is exposing the local IP in host candidates for those browsers. This has resolved the above issues.

The suggested long term solution is encrypted ice-candidates. While IMO this solution is a good way forward, **there are a few concerns I’d like to raise:**

1. The mechanism of sharing keys is outside the scope of the document. An example of an existing mechanism that can be used is Chrome Enterprise Policies.
    1. Will the zero configuration characteristic of WebRTC remain? Or will IT configuration and personnel be needed to obtain connectivity in corporate networks? One can think of a mechanism to automatically create keys using the enterpriseID (Is that viable in terms of key rolling and security?)
    1. Will browsers be interoperable (i) by default, (ii) via configuration (passing an external shared key to all browsers in the corporation) or (iii) not interoperable at all?
1. How will corporations without an enterprise version of the browser gain local connectivity capabilities?

Please view or discuss this issue at https://github.com/w3c/webrtc-nv-use-cases/issues/59 using your GitHub account

Received on Wednesday, 5 February 2020 10:24:47 UTC
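
A way to check which of the two behaviours described in the issue a browser is showing, mDNS hostnames or raw local IPs in host candidates, written as an added example that is not part of the original issue. The candidate strings are constructed samples and the function names are hypothetical; the check also looks at `raddr` on reflexive and relay candidates, which goes beyond the host-candidate case the issue discusses.

```javascript
// Added example: classify what an ICE candidate line reveals about the local network.
// Function names are hypothetical; SAMPLES are constructed, not captured traffic.

function isPrivateAddress(addr) {
  const m = /^(\d{1,3})\.(\d{1,3})\.\d{1,3}\.\d{1,3}$/.exec(addr);
  if (m) {
    const a = Number(m[1]), b = Number(m[2]);
    // RFC 1918 ranges plus IPv4 link-local (169.254.0.0/16)
    return a === 10 || (a === 172 && b >= 16 && b <= 31) ||
           (a === 192 && b === 168) || (a === 169 && b === 254);
  }
  // IPv6 unique-local (fc00::/7) and link-local (fe80::/10)
  return /^f[cd][0-9a-f]{2}:/i.test(addr) || /^fe[89ab][0-9a-f]:/i.test(addr);
}

// Fields: foundation component transport priority address port "typ" type [key value]...
function parseCandidate(line) {
  const f = line.replace(/^a=/, '').trim().split(/\s+/);
  if (!f[0].startsWith('candidate:') || f.length < 8 || f[6] !== 'typ') return null;
  const c = { address: f[4], type: f[7], raddr: null };
  for (let i = 8; i + 1 < f.length; i += 2) {
    if (f[i] === 'raddr') c.raddr = f[i + 1];
  }
  return c;
}

function classifyCandidate(line) {
  const c = parseCandidate(line);
  if (!c) return 'unparseable';
  if (c.type === 'host') {
    if (/\.local$/i.test(c.address)) return 'host-mdns';
    return isPrivateAddress(c.address) ? 'host-local-ip-exposed' : 'host-other-ip';
  }
  // Reflexive and relay candidates can still carry the local IP in raddr.
  if (c.raddr && isPrivateAddress(c.raddr)) return c.type + '-raddr-local-ip-exposed';
  return c.type + '-no-local-ip';
}

// Returns only the candidate lines that reveal a local address.
function localIpLeaks(lines) {
  return lines.filter((l) => classifyCandidate(l).endsWith('local-ip-exposed'));
}

const SAMPLES = [
  'candidate:1 1 udp 2113937151 3c1f6a2e-8d4b-4b7a-9f0e-2a5d7c9b1e44.local 54321 typ host',
  'candidate:2 1 udp 2113937151 192.168.1.23 54321 typ host',
  'a=candidate:3 1 udp 1677729535 203.0.113.7 61000 typ srflx raddr 0.0.0.0 rport 0',
  'candidate:4 1 udp 1677729535 203.0.113.7 61000 typ srflx raddr 10.0.4.17 rport 54321',
];
```

In a page, the same `classifyCandidate` can be fed `event.candidate.candidate` from an `RTCPeerConnection` `icecandidate` handler.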