[html5] r5947 - [giow] (0) Hook into SDP's mechanism for defining UDP streams

whatwg at whatwg.org whatwg at whatwg.org
Mon Mar 14 11:53:42 PDT 2011


Author: ianh
Date: 2011-03-14 11:53:41 -0700 (Mon, 14 Mar 2011)
New Revision: 5947

Modified:
   complete.html
   index
   source
Log:
[giow] (0) Hook into SDP's mechanism for defining UDP streams

Modified: complete.html
===================================================================
--- complete.html	2011-03-14 18:24:13 UTC (rev 5946)
+++ complete.html	2011-03-14 18:53:41 UTC (rev 5947)
@@ -1344,8 +1344,9 @@
    <li><a href=#text/ping><span class=secno>17.5 </span><code>text/ping</code></a></li>
    <li><a href=#text/vtt><span class=secno>17.6 </span><code>text/vtt</code></a></li>
    <li><a href=#application/microdata+json><span class=secno>17.7 </span><code>application/microdata+json</code></a></li>
-   <li><a href=#ping-from><span class=secno>17.8 </span><code>Ping-From</code></a></li>
-   <li><a href=#ping-to><span class=secno>17.9 </span><code>Ping-To</code></a></ol></li>
+   <li><a href=#application/html-peer-conection-data><span class=secno>17.8 </span><code>application/html-peer-conection-data</code></a></li>
+   <li><a href=#ping-from><span class=secno>17.9 </span><code>Ping-From</code></a></li>
+   <li><a href=#ping-to><span class=secno>17.10 </span><code>Ping-To</code></a></ol></li>
  <li><a class=no-num href=#index>Index</a>
   <ol>
    <li><a class=no-num href=#elements-1>Elements</a></li>
@@ -72259,6 +72260,11 @@
   is unreliable (packets are not guaranteed to be delivered, and are
   not guaranteed to be delivered in the right order).</p>
 
+  <p>SDP media descriptions for <a href=#data-udp-media-stream title="data UDP media
+  stream">data UDP media streams</a> must use the "<code title="">application</code>" media type, the "<code title="">udp</code>" transport protocol, and the
+  "<code><a href=#application/html-peer-conection-data>application/html-peer-conection-data</a></code>" media format
+  description. <a href=#refsSDP>[SDP]</a></p>
+
   <p>All SDP media descriptions for <a href=#data-udp-media-stream title="data UDP media
   stream">data UDP media streams</a> must include a label attribute
   ("<code title="">a=label:</code>") whose value is the string "<code title="">data</code>". <a href=#refsSDP>[SDP]</a> <a href=#refsSDPLABEL>[SDPLABEL]</a></p>
@@ -72331,8 +72337,9 @@
    destination for the <a href=#data-udp-media-stream>data UDP media stream</a>.</li>
 
   </ol><p>A <dfn id=remote-data-udp-media-stream>remote data UDP media stream</dfn> is the first UDP media
-  stream whose sender is the remote peer, whose label attribute
-  ("<code title="">a=label:</code>") has the value "<code title="">data</code>", and for which a
+  stream whose sender is the remote peer, whose media is "<code title="">application</code>", whose transport protocol is "<code title="">udp</code>", whose media format description is
+  "<code><a href=#application/html-peer-conection-data>application/html-peer-conection-data</a></code>", whose label
+  attribute ("<code title="">a=label:</code>") has the value "<code title="">data</code>", and for which a
   <a href=#peerconnection-ice-agent><code>PeerConnection</code> ICE Agent</a> has selected a
   destination, if that media stream has an encryption key advertised
   in its media description, and if that encryption key is 16 bytes
@@ -92153,8 +92160,89 @@
 
 <!--MD-->
 
+
+
+  <h3 id=application/html-peer-conection-data><span class=secno>17.8 </span><dfn><code>application/html-peer-conection-data</code></dfn></h3>
+
+  <p>This registration is for community review and will be submitted
+  to the IESG for review, approval, and registration with IANA.</p>
+
+  <!--
+   To: ietf-types at iana.org
+   Subject: Registration of media type application/html-peer-conection-data
+  -->
+
+  <dl><dt>Type name:</dt>
+   <dd>application</dd>
+   <dt>Subtype name:</dt>
+   <dd>html-peer-conection-data</dd>
+   <dt>Required parameters:</dt>
+   <dd>No required parameters</dd>
+   <dt>Optional parameters:</dt>
+   <dd>No optional parameters</dd>
+   <dt>Encoding considerations:</dt>
+   <dd>This MIME type defines a binary protocol format which uses UTF-8 for text encoding.</dd>
+   <dt>Security considerations:</dt>
+   <dd>
+
+    <p>This format is used for encoding UDP packets transmitted by
+    potentially hostile Web page content via a trusted user agent to a
+    destination selected by a potentially hostile remote server. To
+    prevent this mechanism from being abused for cross-protocol
+    attacks, all the data in these packets is masked so as to appear
+    to be random noise. The intent of this masking is to reduce the
+    potential attack scenarios to those already possible
+    previously.</p>
+
+    <p>However, this feature still allows random data to be sent to
+    destinations that might not normally have been able to receive
+    them, such as to hosts within the victim's intranet. If a service
+    within such an intranet cannot handle receiving UDP packets
+    containing random noise, it might be vulnerable to attack from
+    this feature.</p>
+
+   </dd>
+   <dt>Interoperability considerations:</dt>
+   <dd>
+    Rules for processing both conforming and non-conforming content
+    are defined in this specification.
+   </dd>
+   <dt>Published specification:</dt>
+   <dd>
+    This document is the relevant specification.
+   </dd>
+   <dt>Applications that use this media type:</dt>
+   <dd>
+    This type is only intended for use with SDP. <a href=#refsSDP>[SDP]</a>
+   </dd>
+   <dt>Additional information:</dt>
+   <dd>
+    <dl><dt>Magic number(s):</dt>
+     <dd>No sequence of bytes can uniquely identify data in this
+     format, as all data in this format is intentionally masked to
+     avoid cross-protocol attacks.</dd>
+     <dt>File extension(s):</dt>
+     <dd>This format is not for use with files.</dd>
+     <dt>Macintosh file type code(s):</dt>
+     <dd>This format is not for use with files.</dd>
+    </dl></dd>
+   <dt>Person & email address to contact for further information:</dt>
+   <dd>Ian Hickson <ian at hixie.ch></dd>
+   <dt>Intended usage:</dt>
+   <dd>Common</dd>
+   <dt>Restrictions on usage:</dt>
+   <dd>No restrictions apply.</dd>
+   <dt>Author:</dt>
+   <dd>Ian Hickson <ian at hixie.ch></dd>
+   <dt>Change controller:</dt>
+   <dd>W3C</dd>
+  </dl><p>Fragment identifiers used with <code><a href=#text/html>text/html</a></code> resources
+  refer to <a href=#the-indicated-part-of-the-document>the indicated part of the document</a>.</p>
+
+
+
 <!--PING-->
-  <h3 id=ping-from><span class=secno>17.8 </span><dfn title=http-ping-from><code>Ping-From</code></dfn></h3>
+  <h3 id=ping-from><span class=secno>17.9 </span><dfn title=http-ping-from><code>Ping-From</code></dfn></h3>
 
   <p>This section describes a header field for registration in the
   Permanent Message Header Field Registry.  <a href=#refsRFC3864>[RFC3864]</a></p>
@@ -92173,7 +92261,7 @@
    </dd>
    <dt>Related information</dt>
    <dd>None.</dd>
-  </dl><h3 id=ping-to><span class=secno>17.9 </span><dfn title=http-ping-to><code>Ping-To</code></dfn></h3>
+  </dl><h3 id=ping-to><span class=secno>17.10 </span><dfn title=http-ping-to><code>Ping-To</code></dfn></h3>
 
   <p>This section describes a header field for registration in the
   Permanent Message Header Field Registry.  <a href=#refsRFC3864>[RFC3864]</a></p>

Modified: index
===================================================================
--- index	2011-03-14 18:24:13 UTC (rev 5946)
+++ index	2011-03-14 18:53:41 UTC (rev 5947)
@@ -1270,8 +1270,9 @@
    <li><a href=#text/ping><span class=secno>15.5 </span><code>text/ping</code></a></li>
    <li><a href=#text/vtt><span class=secno>15.6 </span><code>text/vtt</code></a></li>
    <li><a href=#application/microdata+json><span class=secno>15.7 </span><code>application/microdata+json</code></a></li>
-   <li><a href=#ping-from><span class=secno>15.8 </span><code>Ping-From</code></a></li>
-   <li><a href=#ping-to><span class=secno>15.9 </span><code>Ping-To</code></a></ol></li>
+   <li><a href=#application/html-peer-conection-data><span class=secno>15.8 </span><code>application/html-peer-conection-data</code></a></li>
+   <li><a href=#ping-from><span class=secno>15.9 </span><code>Ping-From</code></a></li>
+   <li><a href=#ping-to><span class=secno>15.10 </span><code>Ping-To</code></a></ol></li>
  <li><a class=no-num href=#index>Index</a>
   <ol>
    <li><a class=no-num href=#elements-1>Elements</a></li>
@@ -72268,6 +72269,11 @@
   is unreliable (packets are not guaranteed to be delivered, and are
   not guaranteed to be delivered in the right order).</p>
 
+  <p>SDP media descriptions for <a href=#data-udp-media-stream title="data UDP media
+  stream">data UDP media streams</a> must use the "<code title="">application</code>" media type, the "<code title="">udp</code>" transport protocol, and the
+  "<code><a href=#application/html-peer-conection-data>application/html-peer-conection-data</a></code>" media format
+  description. <a href=#refsSDP>[SDP]</a></p>
+
   <p>All SDP media descriptions for <a href=#data-udp-media-stream title="data UDP media
   stream">data UDP media streams</a> must include a label attribute
   ("<code title="">a=label:</code>") whose value is the string "<code title="">data</code>". <a href=#refsSDP>[SDP]</a> <a href=#refsSDPLABEL>[SDPLABEL]</a></p>
@@ -72340,8 +72346,9 @@
    destination for the <a href=#data-udp-media-stream>data UDP media stream</a>.</li>
 
   </ol><p>A <dfn id=remote-data-udp-media-stream>remote data UDP media stream</dfn> is the first UDP media
-  stream whose sender is the remote peer, whose label attribute
-  ("<code title="">a=label:</code>") has the value "<code title="">data</code>", and for which a
+  stream whose sender is the remote peer, whose media is "<code title="">application</code>", whose transport protocol is "<code title="">udp</code>", whose media format description is
+  "<code><a href=#application/html-peer-conection-data>application/html-peer-conection-data</a></code>", whose label
+  attribute ("<code title="">a=label:</code>") has the value "<code title="">data</code>", and for which a
   <a href=#peerconnection-ice-agent><code>PeerConnection</code> ICE Agent</a> has selected a
   destination, if that media stream has an encryption key advertised
   in its media description, and if that encryption key is 16 bytes
@@ -88118,8 +88125,89 @@
 
 <!--MD-->
 
+
+
+  <h3 id=application/html-peer-conection-data><span class=secno>15.8 </span><dfn><code>application/html-peer-conection-data</code></dfn></h3>
+
+  <p>This registration is for community review and will be submitted
+  to the IESG for review, approval, and registration with IANA.</p>
+
+  <!--
+   To: ietf-types at iana.org
+   Subject: Registration of media type application/html-peer-conection-data
+  -->
+
+  <dl><dt>Type name:</dt>
+   <dd>application</dd>
+   <dt>Subtype name:</dt>
+   <dd>html-peer-conection-data</dd>
+   <dt>Required parameters:</dt>
+   <dd>No required parameters</dd>
+   <dt>Optional parameters:</dt>
+   <dd>No optional parameters</dd>
+   <dt>Encoding considerations:</dt>
+   <dd>This MIME type defines a binary protocol format which uses UTF-8 for text encoding.</dd>
+   <dt>Security considerations:</dt>
+   <dd>
+
+    <p>This format is used for encoding UDP packets transmitted by
+    potentially hostile Web page content via a trusted user agent to a
+    destination selected by a potentially hostile remote server. To
+    prevent this mechanism from being abused for cross-protocol
+    attacks, all the data in these packets is masked so as to appear
+    to be random noise. The intent of this masking is to reduce the
+    potential attack scenarios to those already possible
+    previously.</p>
+
+    <p>However, this feature still allows random data to be sent to
+    destinations that might not normally have been able to receive
+    them, such as to hosts within the victim's intranet. If a service
+    within such an intranet cannot handle receiving UDP packets
+    containing random noise, it might be vulnerable to attack from
+    this feature.</p>
+
+   </dd>
+   <dt>Interoperability considerations:</dt>
+   <dd>
+    Rules for processing both conforming and non-conforming content
+    are defined in this specification.
+   </dd>
+   <dt>Published specification:</dt>
+   <dd>
+    This document is the relevant specification.
+   </dd>
+   <dt>Applications that use this media type:</dt>
+   <dd>
+    This type is only intended for use with SDP. <a href=#refsSDP>[SDP]</a>
+   </dd>
+   <dt>Additional information:</dt>
+   <dd>
+    <dl><dt>Magic number(s):</dt>
+     <dd>No sequence of bytes can uniquely identify data in this
+     format, as all data in this format is intentionally masked to
+     avoid cross-protocol attacks.</dd>
+     <dt>File extension(s):</dt>
+     <dd>This format is not for use with files.</dd>
+     <dt>Macintosh file type code(s):</dt>
+     <dd>This format is not for use with files.</dd>
+    </dl></dd>
+   <dt>Person & email address to contact for further information:</dt>
+   <dd>Ian Hickson <ian at hixie.ch></dd>
+   <dt>Intended usage:</dt>
+   <dd>Common</dd>
+   <dt>Restrictions on usage:</dt>
+   <dd>No restrictions apply.</dd>
+   <dt>Author:</dt>
+   <dd>Ian Hickson <ian at hixie.ch></dd>
+   <dt>Change controller:</dt>
+   <dd>W3C</dd>
+  </dl><p>Fragment identifiers used with <code><a href=#text/html>text/html</a></code> resources
+  refer to <a href=#the-indicated-part-of-the-document>the indicated part of the document</a>.</p>
+
+
+
 <!--PING-->
-  <h3 id=ping-from><span class=secno>15.8 </span><dfn title=http-ping-from><code>Ping-From</code></dfn></h3>
+  <h3 id=ping-from><span class=secno>15.9 </span><dfn title=http-ping-from><code>Ping-From</code></dfn></h3>
 
   <p>This section describes a header field for registration in the
   Permanent Message Header Field Registry.  <a href=#refsRFC3864>[RFC3864]</a></p>
@@ -88138,7 +88226,7 @@
    </dd>
    <dt>Related information</dt>
    <dd>None.</dd>
-  </dl><h3 id=ping-to><span class=secno>15.9 </span><dfn title=http-ping-to><code>Ping-To</code></dfn></h3>
+  </dl><h3 id=ping-to><span class=secno>15.10 </span><dfn title=http-ping-to><code>Ping-To</code></dfn></h3>
 
   <p>This section describes a header field for registration in the
   Permanent Message Header Field Registry.  <a href=#refsRFC3864>[RFC3864]</a></p>

Modified: source
===================================================================
--- source	2011-03-14 18:24:13 UTC (rev 5946)
+++ source	2011-03-14 18:53:41 UTC (rev 5947)
@@ -82469,6 +82469,13 @@
   is unreliable (packets are not guaranteed to be delivered, and are
   not guaranteed to be delivered in the right order).</p>
 
+  <p>SDP media descriptions for <span title="data UDP media
+  stream">data UDP media streams</span> must use the "<code
+  title="">application</code>" media type, the "<code
+  title="">udp</code>" transport protocol, and the
+  "<code>application/html-peer-conection-data</code>" media format
+  description. <a href="#refsSDP">[SDP]</a></p>
+
   <p>All SDP media descriptions for <span title="data UDP media
   stream">data UDP media streams</span> must include a label attribute
   ("<code title="">a=label:</code>") whose value is the string "<code
@@ -82551,8 +82558,11 @@
   </ol>
 
   <p>A <dfn>remote data UDP media stream</dfn> is the first UDP media
-  stream whose sender is the remote peer, whose label attribute
-  ("<code title="">a=label:</code>") has the value "<code
+  stream whose sender is the remote peer, whose media is "<code
+  title="">application</code>", whose transport protocol is "<code
+  title="">udp</code>", whose media format description is
+  "<code>application/html-peer-conection-data</code>", whose label
+  attribute ("<code title="">a=label:</code>") has the value "<code
   title="">data</code>", and for which a
   <span><code>PeerConnection</code> ICE Agent</span> has selected a
   destination, if that media stream has an encryption key advertised
@@ -104536,6 +104546,92 @@
 
 <!--END microdata--><!--START w3c-html--><!--MD-->
 
+
+<!--END w3c-html-->
+  <h3><dfn><code>application/html-peer-conection-data</code></dfn></h3>
+
+  <p>This registration is for community review and will be submitted
+  to the IESG for review, approval, and registration with IANA.</p>
+
+  <!--
+   To: ietf-types at iana.org
+   Subject: Registration of media type application/html-peer-conection-data
+  -->
+
+  <dl>
+   <dt>Type name:</dt>
+   <dd>application</dd>
+   <dt>Subtype name:</dt>
+   <dd>html-peer-conection-data</dd>
+   <dt>Required parameters:</dt>
+   <dd>No required parameters</dd>
+   <dt>Optional parameters:</dt>
+   <dd>No optional parameters</dd>
+   <dt>Encoding considerations:</dt>
+   <dd>This MIME type defines a binary protocol format which uses UTF-8 for text encoding.</dd>
+   <dt>Security considerations:</dt>
+   <dd>
+
+    <p>This format is used for encoding UDP packets transmitted by
+    potentially hostile Web page content via a trusted user agent to a
+    destination selected by a potentially hostile remote server. To
+    prevent this mechanism from being abused for cross-protocol
+    attacks, all the data in these packets is masked so as to appear
+    to be random noise. The intent of this masking is to reduce the
+    potential attack scenarios to those already possible
+    previously.</p>
+
+    <p>However, this feature still allows random data to be sent to
+    destinations that might not normally have been able to receive
+    them, such as to hosts within the victim's intranet. If a service
+    within such an intranet cannot handle receiving UDP packets
+    containing random noise, it might be vulnerable to attack from
+    this feature.</p>
+
+   </dd>
+   <dt>Interoperability considerations:</dt>
+   <dd>
+    Rules for processing both conforming and non-conforming content
+    are defined in this specification.
+   </dd>
+   <dt>Published specification:</dt>
+   <dd>
+    This document is the relevant specification.
+   </dd>
+   <dt>Applications that use this media type:</dt>
+   <dd>
+    This type is only intended for use with SDP. <a href="#refsSDP">[SDP]</a>
+   </dd>
+   <dt>Additional information:</dt>
+   <dd>
+    <dl>
+     <dt>Magic number(s):</dt>
+     <dd>No sequence of bytes can uniquely identify data in this
+     format, as all data in this format is intentionally masked to
+     avoid cross-protocol attacks.</dd>
+     <dt>File extension(s):</dt>
+     <dd>This format is not for use with files.</dd>
+     <dt>Macintosh file type code(s):</dt>
+     <dd>This format is not for use with files.</dd>
+    </dl>
+   </dd>
+   <dt>Person & email address to contact for further information:</dt>
+   <dd>Ian Hickson <ian at hixie.ch></dd>
+   <dt>Intended usage:</dt>
+   <dd>Common</dd>
+   <dt>Restrictions on usage:</dt>
+   <dd>No restrictions apply.</dd>
+   <dt>Author:</dt>
+   <dd>Ian Hickson <ian at hixie.ch></dd>
+   <dt>Change controller:</dt>
+   <dd>W3C</dd>
+  </dl>
+
+  <p>Fragment identifiers used with <code>text/html</code> resources
+  refer to <span>the indicated part of the document</span>.</p>
+<!--START w3c-html-->
+
+
 <!--END w3c-html--><!--PING-->
   <h3><dfn title="http-ping-from"><code>Ping-From</code></dfn></h3>
 




More information about the Commit-Watchers mailing list