Re: [rtcweb] Opsdir last call review of draft-ietf-rtcweb-security-11

Joe Clarke <jclarke@cisco.com> Thu, 14 February 2019 19:35 UTC

Return-Path: <jclarke@cisco.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59C07128B33; Thu, 14 Feb 2019 11:35:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 61AoL4-B_OHi; Thu, 14 Feb 2019 11:35:21 -0800 (PST)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BEDFF131190; Thu, 14 Feb 2019 11:35:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2938; q=dns/txt; s=iport; t=1550172920; x=1551382520; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to:content-transfer-encoding; bh=Jzj+X0bLSPI+flvduXRel3gSPQyiPmcFZc4/WASf85Y=; b=lHoIeqCOZW6b9UJdnHzbwtCjaERP7L6NNSEax2k7Zaw7pqx0jmkeQFuY 3BrQNA3WQ5goyUicGgjc7IJFNEzaJmqUSbvJXiVgwFu++I8OX4X71mpbV Ga/24ab+a0lGB11G7Sg1WlYbcBbApga8I06+X9uAWHLYWvZz0wk3stUEO U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DXAADEwWVc/5NdJa1kGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQcBAQEBAQGBZYIDZwOBACeEBpQLgWAIJZoODSOESQKDYyI4EgEDAQE?= =?us-ascii?q?CAQECbRwMhUoBAQEBAgEjDwFGEAkCGAICJgICVwYNBgIBAYMcAYFqCA+PG5t?= =?us-ascii?q?hgS+KMwWBC4s5F4FAP4ERJwyCX4MeAoFhd4ISglcCkECBBoVzi3UJhzqLFAY?= =?us-ascii?q?ZgW6IbCaHc499jFWBXSGBVk0jFYMngigXg0uKcSEDMAyQUAEB?=
X-IronPort-AV: E=Sophos;i="5.58,369,1544486400"; d="scan'208";a="515674795"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Feb 2019 19:35:19 +0000
Received: from [192.168.10.214] (rtp-jclarke-nitro5.cisco.com [10.118.87.86]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTP id x1EJZJpU019656; Thu, 14 Feb 2019 19:35:19 GMT
To: Sean Turner <sean@sn3rd.com>
Cc: ops-dir@ietf.org, draft-ietf-rtcweb-security.all@ietf.org, rtcweb@ietf.org, ietf@ietf.org
References: <155000069929.8344.2037971001030338378@ietfa.amsl.com> <C77E79CD-478D-4EF8-8C5A-59A33832580D@sn3rd.com>
From: Joe Clarke <jclarke@cisco.com>
Openpgp: preference=signencrypt
Autocrypt: addr=jclarke@cisco.com; prefer-encrypt=mutual; keydata= mQGiBDo1cJ0RBADSZSmbmzdRr1CoRWWKmAyu0eaQimaLV1TsZEML/ksLyg6faXrKIA/MWc7M w4FmKkDjaZdFzobzabnKp2QwVadLqi1gYY2WsApKC0rSoqsPx5E847AmwNWXgjXiXORXmnZL mf5PZ2ECOEJC27sji5Nrh9GSw7OPp6c+EE20gMNVrwCgu3iK5vyGQfy0/wX/jcIvP0nHznUD /RvijiKomyaf6F5pibmouFNeuCDHc8lwx2giA/MCZl/nSkI2/UX27sULGNgvKNkVPu/AukXu zW3fIthsJgjQZUoi/BTe9kUP+RL3+RALXXuLv7b3xGRHJ8A1Rpy9H43fkjHZ945YNPrUvJlG LP5PNGBD1xC21X3EGAyywVynDskcA/4qgbJFkVzmPjFJUjq+RW1zw3UIb3bbkskl/wk5qd+M w2EhiSPTbEhJQAQUvqSGFWEGp2ANic7iYLdPXV/O6I1/guRRaY0eK77YkkCjz1snaKYnGSeI GHGwmHb6D+ZHzTqZqr6IssgEIUHjXfgOUTARQbL15nJTVRzDGUiT/65R3bQeSm9lIENsYXJr ZSA8amNsYXJrZUBjaXNjby5jb20+iF8EExECABcFAjyDqGQFCwcKAwQDFQMCAxYCAQIXgAAS CRDN7TXCWm4C3wdlR1BHAAEB5KkAn0kBda/9+uF6RfnDSFS7RExUU9DqAJ4knRckYiSASteC K03QVtEiXblL27kBDQQ6NXCeEAQAhIURlK17jmIMdMIuScFU6xK+jkKgVVFrjlRH5vLV2spp jH/uQ57MMGuOcs7PckXCnPjBV8Tm32Tuw+fCyrbc2gt0ouiT/5WWj0EMeAfWew1zBXX2okGf LqS6gucVDS6tcEFN6PmJEmX+tWDcmiqx/xXiSfMVYiLMdlK+YDkMDDsAAwUD/3BWOyfdnBGH Kv28zx+5wq/2vhYnUYCAdVD2ZWCJizQTMbkcxEIKAwtAj6yqKq9ah82nt4VHl5ZejVe47jvR 2nXwJ5VQ9eITuTjTLDw+3qr9lN077VZ32hyb5ULJcW756j9Z3YB2FTANw6KHgChaSVVx9kYJ FlAggraU7mi39/wviE4EGBECAAYFAjo1cJ4AEgkQze01wlpuAt8HZUdQRwABAQbdAJ9R8SzU Mluu9r93BMv6fAW9j6qTZgCfYcEAqOMJv+3Z+YxLiDtWcCY4Sfq5AQ0EOjVwnhAEAISFEZSt e45iDHTCLknBVOsSvo5CoFVRa45UR+by1drKaYx/7kOezDBrjnLOz3JFwpz4wVfE5t9k7sPn wsq23NoLdKLok/+Vlo9BDHgH1nsNcwV19qJBny6kuoLnFQ0urXBBTej5iRJl/rVg3Joqsf8V 4knzFWIizHZSvmA5DAw7AAMFA/9wVjsn3ZwRhyr9vM8fucKv9r4WJ1GAgHVQ9mVgiYs0EzG5 HMRCCgMLQI+sqiqvWofNp7eFR5eWXo1XuO470dp18CeVUPXiE7k40yw8Pt6q/ZTdO+1Wd9oc m+VCyXFu+eo/Wd2AdhUwDcOih4AoWklVcfZGCRZQIIK2lO5ot/f8L4hOBBgRAgAGBQI6NXCe ABIJEM3tNcJabgLfB2VHUEcAAQEG3QCfUfEs1DJbrva/dwTL+nwFvY+qk2YAn2HBAKjjCb/t 2fmMS4g7VnAmOEn6
Organization: Cisco
Message-ID: <717ca3f4-a1bd-a56a-2585-e19547c21b2e@cisco.com>
Date: Thu, 14 Feb 2019 14:35:18 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <C77E79CD-478D-4EF8-8C5A-59A33832580D@sn3rd.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Outbound-SMTP-Client: 10.118.87.86, rtp-jclarke-nitro5.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/DsoyL-O1I4Zkxx2Nfnp4uEr_LPg>
Subject: Re: [rtcweb] Opsdir last call review of draft-ietf-rtcweb-security-11
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2019 19:35:23 -0000

On 2/14/19 14:23, Sean Turner wrote:
> Hi! Doc Shepherd here ;)
> 
>> On Feb 12, 2019, at 14:44, Joe Clarke <jclarke@cisco.com> wrote:
>>
>> Reviewer: Joe Clarke
>> Review result: Not Ready
>>
>> I have been assigned to review this document on behalf of the Ops directorate. 
>> In general, I found the document well-written, but the reason I marked it as
>> not ready as I was confused as to its standards track trajectory.  I do not see
>> any kind of inter-operable standard being defined here.  On my reading --
>> before I noticed it was standards track -- it felt informational.  While it
>> does set out a threat model for the browser, I struggle to see how that needs
>> to be standardized.
> 
> The rationale I provided in the Shepherd write was this:
>    This draft is bound standards track because it includes all of the WebRTC
>    security considerations and will referred to from all WebRTC WG drafts.
> 
> There are also 8 2119-MUSTs/MUST NOTs is the document that affect browser behavior, which (I think) gets it over the informational level hurdle.

Not sure, TBH.  The way it read to me was more informational, which is
why I was surprised to see it on the standards track after the
read-through.  But given this extra bit of context about its intent,
perhaps standard is the way to go.  I'm glad it's been
considered/discussed, and I would defer to ADs on that.

> 
>> On that threat model note, the abstract indicates that the WebRTC threat model
>> will be laid out, but section 3 defines a more general browser threat model.
> 
> It does, but the 1st sentence explains why they are the same.  I guess we could rename the section, but it’s just a layer of indirection.

It is.  But while the requirements follow directly, there are additional
considerations.  I think renaming would make it clearer.

> 
>> Beyond those items, I noticed various nits and other small items when reading
>> the document.  Most broadly, I feel this document would benefit from a
>> terminology section to define acronyms such as ICE, TURN, STUN, VoIP, etc. 
>> Additionally, in section 3.1, the document refers to "scripts" in a general
>> way.  While the implication is JavaScript code that will run in a browser, I
>> think that kind of context setting might be made more explicit in a terminology
>> section.
>>
>> Other nits are mentioned below on a section-by-section basis.
> 
> I addressed these in the following PR:
> https://github.com/rtcweb-wg/security/pull/13

Thanks!

>> ===
>>
>> Section 4.3.2.1:
>>
>> OLD:
>>
>>  (a) the browser to trusted UI to provide the name and
>>
>> I don't grok this sentence fragment.  There seems to be a verb missing, and I'm
>> not sure what your intent is here.
> 
> I suggest “the browser has trusted UI …”. if that’s wrong I can amend the PR.

To that correction, perhaps, "the browser has a trusted UI"

Joe