[rtcweb] I-D Action: draft-ietf-rtcweb-security-00.txt

internet-drafts@ietf.org Thu, 22 September 2011 07:54 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D148221F8D12; Thu, 22 Sep 2011 00:54:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.572
X-Spam-Level:
X-Spam-Status: No, score=-102.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X5bRbzXMxDmY; Thu, 22 Sep 2011 00:54:33 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DC7C21F8CFB; Thu, 22 Sep 2011 00:54:33 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 3.60
Message-ID: <20110922075433.17483.59128.idtracker@ietfa.amsl.com>
Date: Thu, 22 Sep 2011 00:54:33 -0700
Cc: rtcweb@ietf.org
Subject: [rtcweb] I-D Action: draft-ietf-rtcweb-security-00.txt
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Sep 2011 07:54:33 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Real-Time Communication in WEB-browsers Working Group of the IETF.

	Title           : Security Considerations for RTC-Web
	Author(s)       : Eric Rescorla
	Filename        : draft-ietf-rtcweb-security-00.txt
	Pages           : 20
	Date            : 2011-09-21

   The Real-Time Communications on the Web (RTC-Web) working group is
   tasked with standardizing protocols for real-time communications
   between Web browsers.  The major use cases for RTC-Web technology are
   real-time audio and/or video calls, Web conferencing, and direct data
   transfer.  Unlike most conventional real-time systems (e.g., SIP-
   based soft phones) RTC-Web communications are directly controlled by
   some Web server, which poses new security challenges.  For instance,
   a Web browser might expose a JavaScript API which allows a server to
   place a video call.  Unrestricted access to such an API would allow
   any site which a user visited to &quot;bug&quot; a user&#39;s computer, capturing
   any activity which passed in front of their camera.  This document
   defines the RTC-Web threat model and defines an architecture which
   provides security within that threat model.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-rtcweb-security-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-rtcweb-security-00.txt