- 
                Notifications
    You must be signed in to change notification settings 
- Fork 13
N29: A way to obtain user consent for one-way media and data use cases #14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | 
|---|---|---|
|  | @@ -141,6 +141,9 @@ <h3>File Sharing</h3> | |
| be supported by servers as well as user agents. | ||
| N15 It must be possible to support data exchange | ||
| in a worker. | ||
| N29 The application must be able to request user consent | ||
| There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We should also consider allowing the exposure of local IP not via user prompt but in "out-of-band" methods like browser Enterprise policy | ||
| for one-way media and data only use cases in a | ||
| There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This section is "file sharing", so "one-way media" should be broken out in a separate use case. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. By that, do you mean add the requirement to "Video Conferencing with a Central Server" as well? I'm also wondering if it's clear enough what "user consent" is referring to. What are your opinions? | ||
| non-discriminating way. | ||
| </pre> | ||
| References: | ||
| <ol> | ||
|  | @@ -367,6 +370,9 @@ <h3>Requirements</h3> | |
| rendered. | ||
| N28 TBD: restrictions on the application so as to | ||
| prevent unauthorized recording of the session. | ||
| N29 The application must be able to request user consent | ||
| for one-way media and data only use cases in a | ||
| non-discriminating way. | ||
| There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What does "non-discriminating way" mean? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This can easily be misinterpreted as one-way media and data should not be allowed without user consent. This is about better connections (by exposing IP addresses), but it's not clear what the user is consenting to There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 
 The intent is to ensure that there is at least one use case neutral (thus, non-discriminating) way to request user consent. Maybe I should rephrase? Any suggestions? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 
 I don't understand that. When we're talking about consent, it usually means the form of consent as described by the IP handling draft which is what this is targeting. Should I clarify this? Suggestions? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Agree with @henbos, this needs to talk specifically about IP address enumeration, not the use cases (most of which don't need IP address enumeration) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Okay, perfectly fine with that as it also points out more clearly what concrete use cases it targets. I'll /cc @steely-glint just in case. Justin, could you make a concrete proposal that would work for you? I'll happily update the PR with your framing. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. "N29: Support for one-way media and data applications between browsers inside the same LAN", which basically reduces to finding an alternative to mDNS for this environment. You could also call out "NXX: Ability for one-way media and data applications to control the network interface used by ICE" as a separate requirement, which may point at a different solution. This particular problem largely reduces to a special case consideration to route real-time traffic directly when a VPN is in use, and may be solvable via its own targeted solution. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm reasonably happy with "N29: Support for one-way media and data applications between browsers inside the same LAN" but I have 2 minor issues. 
 I don't agree with your framing of NXX as a VPN problem - it also addresses outages - so lets discuss that in a different issue. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. yea, or a corp network that uses MPLS and site-site VPN to make it all look like 1 big LAN. Is there a standard name for a "continuously virtual connected not NATed network" ? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. perhaps we could add 'p2p' to 1), e.g., "N29: Support for one-way media and data applications to connect P2P to other browsers inside the same LAN". Definition of what exactly is meant by LAN is probably better left as sub-bullets. | ||
| </pre> | ||
| </section> | ||
| </section> | ||
|  | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Request user consent" is an implementation, not a requirement. Please rephrase what the requirement is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it just the word "request"? What about replacing it with "obtain"?