13.3 Impact on local network
Since the browser is an active platform executing in a trusted network environment (inside the firewall), it is important to limit the damage that the browser can do to other elements on the local network, and it is important to protect data from interception, manipulation and modification by untrusted participants.
Mitigations include:
- A user agent will always request permission from the correspondent user agent to communicate using ICE. This ensures that the user agent can only send to partners who you have shared credentials with.
- A user agent will always request ongoing permission to continue sending using ICE continued consent. This enables a receiver to withdraw consent to receive.
- A user agent will always encrypt data, with strong per-session keying (DTLS-SRTP).
- A user agent will always use congestion control. This ensures that WebRTC cannot be used to flood the network.
These measures are specified in the relevant IETF documents.