[rtcweb] Secdir last call review of draft-ietf-rtcweb-jsep-23

Phillip Hallam-Baker <hallam@gmail.com> Fri, 06 October 2017 12:35 UTC

From: Phillip Hallam-Baker <hallam@gmail.com>
To: secdir@ietf.org
Cc: draft-ietf-rtcweb-jsep.all@ietf.org, rtcweb@ietf.org, ietf@ietf.org
Message-ID: <150729330872.6204.16821957868857533343@ietfa.amsl.com>
Date: Fri, 06 Oct 2017 05:35:08 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/hiTPN7sDC3pJYkHDeTkW9HFztnI>
Subject: [rtcweb] Secdir last call review of draft-ietf-rtcweb-jsep-23

Reviewer: Phillip Hallam-Baker
Review result: Ready

Given the design constraints in which the protocol operates, it is hard to see
how this could be done differently.

I have two sets of security concerns. One is that implementations need to be
designed so as to avoid buffer overrun conditions and also to prevent such
conditions from leading to a breach. Compression formats such as those inevitably
used in video and image applications tend to make promiscuous use of nested
length encoding formats that commonly lead to security vulnerabilities.

This document does not have such a warning. Since it defers to the following
document for most of the security issues, a warning on this issue should appear in:
https://tools.ietf.org/html/draft-ietf-rtcweb-security-08

The other security concern is that giving control over the host browser to run
pretty much arbitrary code was always going to be a security disaster but there
isn't much that can be done at this point.
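The nested-length failure mode the reviewer raises, as an added illustration that is not part of this review or of JSEP: a bounds-checked parser for a constructed length-prefixed chunk format, where every nested length is validated against the bytes actually present before any copy (the layout, `parse_chunks_checked` and the sample messages are all hypothetical).

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CHUNK_MAX 64   /* fixed-size destination a naive parser copies into */

/* Constructed message layout (hypothetical, not any real media format):
 *   [u16 BE total_len, counting this header][chunk][chunk]...
 *   chunk: [u8 type][u16 BE len][len bytes of data]                        */
static const uint8_t good_msg[]   = {0x00,0x0B, 0x01,0x00,0x02,0xAA,0xBB, 0x02,0x00,0x01,0xCC};
static const uint8_t inner_lies[] = {0x00,0x0B, 0x01,0x00,0x10,0xAA,0xBB, 0x02,0x00,0x01,0xCC};
static const uint8_t outer_lies[] = {0x00,0xFF, 0x01,0x00,0x02,0xAA,0xBB};

/* Parse every chunk, copying its data into a bounded buffer. Each nested
 * length is checked against the bytes actually remaining and against the
 * destination size before any copy; a parser that trusts the length fields
 * (the common bug) would memcpy past both for inner_lies and outer_lies.
 * Returns the chunk count, or -1 for malformed input. */
int parse_chunks_checked(const uint8_t *in, size_t in_len)
{
    if (in_len < 2) return -1;
    size_t total = ((size_t)in[0] << 8) | in[1], pos = 2;
    if (total > in_len) return -1;             /* outer length vs real buffer */
    uint8_t chunk[CHUNK_MAX];
    int count = 0;
    while (pos < total) {
        if (total - pos < 3) return -1;        /* room for type + length */
        size_t len = ((size_t)in[pos + 1] << 8) | in[pos + 2];
        if (len > CHUNK_MAX) return -1;        /* destination capacity */
        if (len > total - pos - 3) return -1;  /* inner length vs remainder */
        memcpy(chunk, in + pos + 3, len);
        pos += 3 + len;
        count++;
    }
    return count;
}

int main(void)
{
    printf("good: %d, inner lies: %d, outer lies: %d\n",
           parse_chunks_checked(good_msg, sizeof good_msg),
           parse_chunks_checked(inner_lies, sizeof inner_lies),
           parse_chunks_checked(outer_lies, sizeof outer_lies));
    return 0;
}
```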