[rtcweb] System security draft
Eric Rescorla <ekr@rtfm.com> Mon, 31 October 2011 04:57 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74D2F21F8C79 for <rtcweb@ietfa.amsl.com>; Sun, 30 Oct 2011 21:57:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.961
X-Spam-Level:
X-Spam-Status: No, score=-102.961 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LohmnaMTOYbc for <rtcweb@ietfa.amsl.com>; Sun, 30 Oct 2011 21:57:47 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id E2D6721F8C73 for <rtcweb@ietf.org>; Sun, 30 Oct 2011 21:57:46 -0700 (PDT)
Received: by vcbfo1 with SMTP id fo1so5433823vcb.31 for <rtcweb@ietf.org>; Sun, 30 Oct 2011 21:57:46 -0700 (PDT)
Received: by 10.220.147.134 with SMTP id l6mr2215004vcv.21.1320037066286; Sun, 30 Oct 2011 21:57:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.220.118.132 with HTTP; Sun, 30 Oct 2011 21:57:05 -0700 (PDT)
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 30 Oct 2011 21:57:05 -0700
Message-ID: <CABcZeBN-U2j9HN5fgaL8gxQu6zij1bDKqdeKJAVqKExovuUS=g@mail.gmail.com>
To: rtcweb@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Subject: [rtcweb] System security draft
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Oct 2011 04:57:47 -0000
Per the chairs request for submissions, I've prepared a proposed system security draft. For convenience, I've added it as an appendix to the threat model document, which has been somewhat updated but is largely unchanged. The proposal itself is clearly separated in Appendix A. There are definitely still some serious rough edges here and a bunch of pieces that are flat-out incomplete, but I hope it's clear the direction I'm trying to go. -Ekr
- [rtcweb] System security draft Eric Rescorla