Re: [rtcweb] security-arch: 6.4.1 PeerConnection Origin Check

Martin Thomson <martin.thomson@gmail.com> Tue, 22 July 2014 16:02 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC7AC1A0039 for <rtcweb@ietfa.amsl.com>; Tue, 22 Jul 2014 09:02:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8-s0RZF9QiOU for <rtcweb@ietfa.amsl.com>; Tue, 22 Jul 2014 09:01:57 -0700 (PDT)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com [IPv6:2a00:1450:400c:c05::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05F8F1A000A for <rtcweb@ietf.org>; Tue, 22 Jul 2014 09:01:56 -0700 (PDT)
Received: by mail-wi0-f169.google.com with SMTP id n3so6145781wiv.2 for <rtcweb@ietf.org>; Tue, 22 Jul 2014 09:01:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=dzC2iOA+WxiDAJl3p5ije6587z8OBoj+QfFlGmn2orA=; b=DC7GbGPMvFxqsS9aJakqQGaFgLGWGawIigMov6kg7m2//5CFx5T2zfqwdSjHlhhaVk 4kusux1aPux3Z1l67TvIoOziyRP7T+XXcLtBZLumbQZlmg3ot23aoFbRW6Npcm0ygQUm C+Hq91LCmTIo04nGWVWVD3++3vXhWBqrfHSuMWV5ET3/zwnu3IMuP2RsGiwlg3vuCpAl 7ulbluWOao6tE9kZe+dLbi2v9OC3IMZKtRPhiDBKeMtg93sba0wvEIR/KjkWJ3kH+ZKH Pp8SlyAA5Idyw54DIIGglJfDgeV9nuzXRVFrvpiYgN0Ob02fY2lTkPdm6alS4dVi09Sn grLQ==
MIME-Version: 1.0
X-Received: by 10.180.92.38 with SMTP id cj6mr16192362wib.64.1406044913918; Tue, 22 Jul 2014 09:01:53 -0700 (PDT)
Received: by 10.194.110.6 with HTTP; Tue, 22 Jul 2014 09:01:53 -0700 (PDT)
In-Reply-To: <CAPms+wQPirBi1utnMjrScMk_U7_6x6qK+mC_6ZV054rYsNnwTg@mail.gmail.com>
References: <CAPms+wQPirBi1utnMjrScMk_U7_6x6qK+mC_6ZV054rYsNnwTg@mail.gmail.com>
Date: Tue, 22 Jul 2014 09:01:53 -0700
Message-ID: <CABkgnnWZp1Ad9vPnR6h3+m5P7p-FaqVAXWSKq8_EjzYV4jjj9g@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Michael Procter <michael@voip.co.uk>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/VUmyYRqLjZCivTcM0fjCE9C5B8Y
Cc: "<rtcweb@ietf.org>" <rtcweb@ietf.org>
Subject: Re: [rtcweb] security-arch: 6.4.1 PeerConnection Origin Check
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jul 2014 16:02:02 -0000

On 21 July 2014 16:51, Michael Procter <michael@voip.co.uk> wrote:
>
>    Fundamentally, the IdP proxy is just a piece of JS loaded by
>    the browser, so nothing stops a Web attacker from creating their
>    own IFRAME, loading the IdP proxy JS, and requesting a
>    signature.  In order to prevent this attack, we require that communication
>    with the IdP proxy be via a MessageChannel in a way that cannot
>    be emulated by hostile JS.  This is discussed in section 8.2.1 of
> [webrtc-api].


I'm having a hard time finding a fault with your suggestions Michael.
This is great, thanks.