Stats & isolated streams #1613
Comments
|
@vr00m What do you think? |
|
Do we need a minimum set of stats that does not compromise the isolated stream and still helps with debugging issues? or we leave that to the implementors to pick? |
|
I don't see why we should not leave it to implementors - this needs to be interoperable as far as I can tell. |
|
@dontcallmedom one too many "not" in that sentence? |
|
yes, I meant "I don't see why we should leave it to implementors" :) |
|
So far, I know that volume leaks information. The fact that there is a call (and associated info such as IP addresses) doesn't seem to warrant different treatment for isolated vs non-isolated streams. |
|
This needs to address also CSRC and SSRC and isolated streams |
|
Dan will take a look at his notes to try to reproduce consensus. @vr000m do you remember? |
|
I confirmed in my notes that Harald was going to do a PR because there is not a blanket answer here across all types of stats. |
|
AFAICR, to do a PR to suggest not reporting stats that leak. IIRC: it was CSRC and volume. |
|
Created w3c/webrtc-stats#352 to forbid reporting CSRC and audioHandler.audioLevel. |
* Added list of forbidden stats for isolated streams. Fixes w3c/webrtc-pc#1613 If the list needs to be longer, we'll add more to it.
While doing a first pass at a security review for WebRTC stats, I noticed the text on isolated media streams in WebRTC 1.0 leaves open the access to stats for them:
It sounds like stats might leak a lot about isolated streams to the JavaScript layer, so @aboba suggested I raise an issue so that we look more closely into this.
The text was updated successfully, but these errors were encountered: