This one is mostly inspired by Tor's Snowflake https://snowflake.torproject.org I also have a user who is running Wireguard over Datachannel.
They then access things via VPN over Datachannel in the browser.
The biggest thing I have seen is developers finding ways to make traffic less fingerprintable. This might be an implementation detail, but maybe we can make some of these things configurable or move away from them.
Information from ICE (uFrag/uPwd can help identify how many unique sessions behind a NAT)
Information from DTLS handshake (ClientHello/ServerHello members, self signed certificate attributes)
Can we provide APIs that allow users to fight against these things?
Sean-Der
commented
4 years ago
This one is mostly inspired by Tor's Snowflake https://snowflake.torproject.org I also have a user who is running Wireguard over Datachannel.
They then access things via VPN over Datachannel in the browser.
The biggest thing I have seen is developers finding ways to make traffic less fingerprintable. This might be an implementation detail, but maybe we can make some of these things configurable or move away from them.
Can we provide APIs that allow users to fight against these things?