Opened 8 years ago

Last modified 8 years ago

#7 new defect

Section 4.2.4

Reported by: bernard_aboba@… Owned by: draft-ietf-rtcweb-security@…
Priority: minor Milestone: milestone1
Component: security Version: 1.0
Severity: In WG Last Call Keywords:


4.2.4. IP Location Privacy

Note that as soon as the callee sends their ICE candidates, the
caller learns the callee's IP addresses. The callee's server
reflexive address reveals a lot of information about the callee's
location. In order to avoid tracking, implementations may wish to
suppress the start of ICE negotiation until the callee has answered.
In addition, either side may wish to hide their location entirely by
forcing all traffic through a TURN server.

[BA] Might be useful to say explicitly that the concern about location privacy is restricted to media; hiding the client's location from the Web server is handled by things like ToR, and signaling privacy is constrained by the signaling protocol (e.g. SIP privacy, etc.).

Change History (1)

comment:1 Changed 8 years ago by bernard_aboba@…

Section 5.4 of the Security-Arch document mentions ToR. Does it make sense to move some of that material to Section 4.1 of this document?

Note: See TracTickets for help on using tickets.