IETF Logo Mail Archive

Re: [rtcweb] Revealing IP addresses (Re: Review of draft-ietf-rtcweb-use-cases-and-requirements-10 (Part II))

Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com> Sat, 02 February 2013 12:56 UTC

Return-Path: <stefan.lk.hakansson@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7B7621F9069 for <rtcweb@ietfa.amsl.com>; Sat, 2 Feb 2013 04:56:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.916
X-Spam-Level:
X-Spam-Status: No, score=-5.916 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cjm+ehufCZpp for <rtcweb@ietfa.amsl.com>; Sat, 2 Feb 2013 04:56:55 -0800 (PST)
Received: from mailgw7.ericsson.se (mailgw7.ericsson.se [193.180.251.48]) by ietfa.amsl.com (Postfix) with ESMTP id 8ECA121F900E for <rtcweb@ietf.org>; Sat, 2 Feb 2013 04:56:54 -0800 (PST)
X-AuditID: c1b4fb30-b7f0d6d000007e61-a9-510d0d153d84
Received: from esessmw0184.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw7.ericsson.se (Symantec Mail Security) with SMTP id 9F.42.32353.51D0D015; Sat, 2 Feb 2013 13:56:53 +0100 (CET)
Received: from [153.88.52.47] (153.88.115.8) by esessmw0184.eemea.ericsson.se (153.88.115.82) with Microsoft SMTP Server id 8.3.279.1; Sat, 2 Feb 2013 13:56:53 +0100
Message-ID: <510D0D14.4050301@ericsson.com>
Date: Sat, 02 Feb 2013 13:56:52 +0100
From: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <50F97303.4070906@ericsson.com>, , , <CABkgnnWcqZ+dU+87djBQ0z47ufB-Go13mWyPi_ZQA8BPinQJEA@mail.gmail.com>, , <BLU002-W1705DC54006131B55B432A931F0@phx.gbl>, <BLU002-W210B8DBB897CAF5BECC501A931F0@phx.gbl>, <5109265F.6040106@ericsson.com> <BLU002-W123BE6BAA58BE0B26DEA28F931E0@phx.gbl> <510B9A41.8000804@ericsson.com> <510B9FD8.6000008@alvestrand.no> <510BB070.9040602@ericsson.com> <510CEAF9.6020509@alvestrand.no>
In-Reply-To: <510CEAF9.6020509@alvestrand.no>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrPJMWRmVeSWpSXmKPExsUyM+Jvra4oL2+gwfEeWYu1/9rZHRg9liz5 yRTAGMVlk5Kak1mWWqRvl8CV8fnuZqaCJeIVBzadYG1gnCLUxcjJISFgIrFrwXUWCFtM4sK9 9WxdjFwcQgInGSX2tc9jgnBWMkp8e3WQHaSKV0BbYseuHlYQm0VAReLe924mEJtNIFDi+v9f YLaoQJTE+6tNzBD1ghInZz4B2yAiICyx9VUvUA0Hh7BAhcSaVkeI+SuYJTa3zgKr5xTQldi+ 8TYbiM0sYCtxYQ7EdcwC8hLNW2eD1QgB1bx7fY91AqPALCQrZiFpmYWkZQEj8ypG9tzEzJz0 cvNNjMBAO7jlt8EOxk33xQ4xSnOwKInzhrteCBASSE8sSc1OTS1ILYovKs1JLT7EyMTBKdXA uL99aQFPreVE5hKRT58C9rzVl+yfWnOi89A/xbBdMeEWHaeeT/yappXwo0Yv+Xwvp+Cfpw+E ea+5FhZHizMVKZz/9Pnu/ctpQQ+erVVUrdTpMjEyKlhcY+91em5n6uzOv4zqUZYyfmsSViVX SpY4d0ooBOy08/3xRUTxnw3TYcHtztN/LvusxFKckWioxVxUnAgAur5ZkgICAAA=
Subject: Re: [rtcweb] Revealing IP addresses (Re: Review of draft-ietf-rtcweb-use-cases-and-requirements-10 (Part II))
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Feb 2013 12:56:55 -0000

On 2013-02-02 11:31, Harald Alvestrand wrote:
> On 02/01/2013 01:09 PM, Stefan Håkansson LK wrote:
>> On 2013-02-01 11:58, Harald Alvestrand wrote:
>>> On 02/01/2013 11:34 AM, Stefan Håkansson LK wrote:
>>>>>
>>>>>     A25             It must be possible for the application to
>>>>>                     refrain from exposing the IP address
>>>>>
>>>>> [BA] I am assuming we are talking about exposing the originating IP
>>>>> address of media, which can be addressed via TURN.
>>>>> If so, this is more of a protocol than an API requirement. Since the
>>>>> ICE candidates need to exposed in the API in
>>>>> order to allow them to be signaled, I am not sure how we can avoid
>>>>> exposing those to the application.  Similarly, the
>>>>> HTTP server can obtain the IP address used by the HTTP client. Even
>>>>> within SIP, there are VIA headers and contact
>>>>> headers, so it is not easy to avoid disclosure of the IP address to
>>>>> everyone.  So I think we need to be more clear
>>>>> about what we are trying to avoid exposing, and to whom.
>>>>
>>>> Personally I would like to get rid of this requirement. The
>>>> application can always get all candidates. To have a way to let the
>>>> application ask for _only_ the TURN candidates does not change this -
>>>> that kind of API is more for convenience (so that the app you trust
>>>> does not have to remove privacy revealing candidates from the offer,
>>>> but can instead ask the browser to deliver an offer without them).
>>> I think this requirement is important, but needs reformulation.
>>>
>>> Should we instead say
>>>
>>> "It MUST be possible to set up a call between two parties A and B
>>> without one party learning the other party's IP address"
>>
>> This requirement is not on the browser (or its APIs) per se, if we go
>> this path it almost belongs into another category than what we
>> currently have.
>
> I think it is, actually - the A browser has to be able to send media to
> B without sending IP packets to B, which means that it has to use an
> intermediary, and force B to use an intermediary too. TURN does that, we
> could imagine other solutions (the people who made Tor could probably
> think of many more schemes).

OK. Here is a shot at it:

Fnn: The browser MUST be able to send streams and                   data 
to a peer in such a fashion that the peer is not (e.g. by inspection of 
packets belonging to the streams or data or any associated signaling 
messages) able to find out the xxxxx IP address used by the browser

There has been some discussion of xxxxx; is it needed, and if so, what 
should it say? "host"? "local"?



>
> The API requirement is that the application should be able to request
> that functionality.

Yes, that is simple if we could get Fnn done...

>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email