[rtcweb] Review of draft-ietf-rtcweb-security-arch-13

Cullen Jennings <fluffy@iii.ca> Mon, 06 November 2017 14:29 UTC

Date: Mon, 06 Nov 2017 06:30:02 -0800
To: RTCWeb IETF <rtcweb@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/2RcvKCZAA-WVny_8mxYYIqBS2jI>

I think this draft is done -- few trivial things.

At this point, I think we should just remove Appendix A as I don't think it adds much value. All the key parts are actually in the main text. I can also live with just keeping it as is but removing the TODO at the top of the section, as I think that TODO was taken care of by the changes from -12 to -13.

The refs to draft-muthu-behave-consent-freshness should be to RFC7675.

At the end of section 5.5, there is mention of a NULL cipher in an example. I don't think that is allowed, and though it is not a problem the way it is mentioned here, perhaps it should be removed from the example.

(yes ... I realize the state this is in in the data tracker, but nonetheless those are my comments)