Re: [rtcweb] Review of draft-ietf-rtcweb-security-arch-13
Sean Turner <sean@sn3rd.com> Mon, 06 November 2017 22:55 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26E3F13FB1C for <rtcweb@ietfa.amsl.com>; Mon, 6 Nov 2017 14:55:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t-eG7FKEXFkb for <rtcweb@ietfa.amsl.com>; Mon, 6 Nov 2017 14:55:53 -0800 (PST)
Received: from mail-qk0-x22f.google.com (mail-qk0-x22f.google.com [IPv6:2607:f8b0:400d:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64B9213F698 for <rtcweb@ietf.org>; Mon, 6 Nov 2017 14:55:53 -0800 (PST)
Received: by mail-qk0-x22f.google.com with SMTP id b15so13059563qkg.9 for <rtcweb@ietf.org>; Mon, 06 Nov 2017 14:55:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=/WiInzICkOOUvzCyFHaz05gsESe00RbK/XDRRjVDRZU=; b=l3jTZ1OKWMRheObPgvhpX961LgiKpCTNuHZPoBHqisXmgHTwWon+lNcH1yOjDWSnVb BUssJ2usoJ+3o33QvKP/we/zneLVNFy6dqSSCjKKuOWQPyEtXk5uv+/iJ4eWWcuuo0mk VRcYxi8S2UDAog5pgFs5fEWAWCgJ4SibaEiiw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=/WiInzICkOOUvzCyFHaz05gsESe00RbK/XDRRjVDRZU=; b=A8dqnEvWTpqiZ8VQNghB1kJzKAhdMpD+WzzULIZyKi8Pd9aDtR3hBZmz65+YoLSnp2 q6/s7lmKRxBHBqI2T6t9xaY4Kga1Y2a4ghb+AngkHA3LeAxuePCtlEdzPsHllUitXPuG Oz6Hbo7iJw5ebZTprjIgkqJNFXqJfTZ27o3+SQw+S4SF3BhpjbLBj8OaNM0kjKUF7QvH vlj1jpqPOKWfXawd7VJ2tJJy+/kYID3PX+nKp4GdV2tp8M6svdq1AF5px+XmhH1A8pi0 C2cHAPCeTuMj1gzK5ZmS7++8QrY4eC/E+GAvmK9PxyBc+xmNsXM8ATb/906EcxlY5Mlm BBvw==
X-Gm-Message-State: AJaThX5zOGLb6znb1veXE4JioqphCef5lvxfpOdoDnPiUmNw8XSlLEFg p5c91TDl+Deymmc1E7kXfzjHS1ivy5o=
X-Google-Smtp-Source: ABhQp+QMUxZkpS4YKPwi1aS+h/9ab/P2oYnh9LOKRiR76CpEePisD4xbe7Fo8qavM2CCMcH57CoV6w==
X-Received: by 10.55.212.80 with SMTP id l77mr24497697qki.82.1510008952516; Mon, 06 Nov 2017 14:55:52 -0800 (PST)
Received: from [172.16.0.18] ([96.231.220.27]) by smtp.gmail.com with ESMTPSA id i27sm9347965qtc.91.2017.11.06.14.55.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Nov 2017 14:55:51 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <85C5A635-278F-4178-93C8-CF88E8E909C0@iii.ca>
Date: Mon, 06 Nov 2017 17:55:51 -0500
Cc: RTCWeb IETF <rtcweb@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <33629DB7-4599-45C1-9022-B41CA6C89500@sn3rd.com>
References: <85C5A635-278F-4178-93C8-CF88E8E909C0@iii.ca>
To: Cullen Jennings <fluffy@iii.ca>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/-vvNjLzM0J16TrUB8Us02G-O0C0>
Subject: Re: [rtcweb] Review of draft-ietf-rtcweb-security-arch-13
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Nov 2017 22:55:55 -0000
I’ll convert this to issues in GH. spt > On Nov 6, 2017, at 09:30, Cullen Jennings <fluffy@iii.ca> wrote: > > I think this draft is done -- few trivial things. > > At this point, I think we should just remove Appendix A as I don't think it adds much values. All the key parts are actually in the main text. I'm also can live with just keeping it as is but removing the TODO at the top of the section as I think that TODO was take care of by the changes from -12 to -13. > > The refs to draft-muthu-behave-consent-freshness should be to RFC7675 > > At the end of section 5.5, there is mention of a NULL cipher in an example. I don't think that is allowed and thought is not a problem the way it is mentioned here, perhaps it should be removed from the example. > > (yes ... I realize the state this is in in the data tracker but none the less that my comments) > > _______________________________________________ > rtcweb mailing list > rtcweb@ietf.org > https://www.ietf.org/mailman/listinfo/rtcweb
- [rtcweb] Review of draft-ietf-rtcweb-security-arc… Cullen Jennings
- Re: [rtcweb] Review of draft-ietf-rtcweb-security… Sean Turner