[rtcweb] Mirja Kühlewind's No Objection on draft-ietf-rtcweb-security-arch-18: (with COMMENT)

Mirja Kühlewind <ietf@kuehlewind.net> Thu, 28 February 2019 18:00 UTC

Return-Path: <ietf@kuehlewind.net>
X-Original-To: rtcweb@ietf.org
Delivered-To: rtcweb@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0575B130F8E; Thu, 28 Feb 2019 10:00:16 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: =?utf-8?q?Mirja_K=C3=BChlewind?= <ietf@kuehlewind.net>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-rtcweb-security-arch@ietf.org, Sean Turner <sean@sn3rd.com>, rtcweb-chairs@ietf.org, sean@sn3rd.com, rtcweb@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.92.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <155137681601.28667.4721382539333995604.idtracker@ietfa.amsl.com>
Date: Thu, 28 Feb 2019 10:00:16 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/zJiI4s92FhPrcIdU4xXcyR6lAJM>
Subject: [rtcweb] =?utf-8?q?Mirja_K=C3=BChlewind=27s_No_Objection_on_draf?= =?utf-8?q?t-ietf-rtcweb-security-arch-18=3A_=28with_COMMENT=29?=
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Feb 2019 18:00:24 -0000

Mirja Kühlewind has entered the following ballot position for
draft-ietf-rtcweb-security-arch-18: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-rtcweb-security-arch/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

1) This is related to my discuss on draft-ietf-rtcweb-security. I think I don't
fully understand the split between those two documents, as section 4.2 seems to
introduce a normative reference to draft-ietf-rtcweb-security:

  "As described in ([I-D.ietf-rtcweb-security]; Section 4.2) media
   consent verification is provided via ICE. "

However, given that section 6.3 actually normatively (re-)states the ICE
requirements as well, I would maybe recommend to instead say:

  "As described in ([I-D.ietf-rtcweb-security]; Section 4.2) and stated in
  section 6.3 media
   consent verification is provided via ICE. "

and then move the reference to draft-ietf-rtcweb-security to informative.

2) I would have also expected some discussion in the security considerations
sections about the risks to the user if the browser gets corrupted, as
indicated by the trust model presented in sec 3.

3) In Sec 9.2: "Combined WebRTC/Tor
   implementations SHOULD arrange to route the media as well as the
   signaling through Tor. Currently this will produce very suboptimal
   performance."
Maybe make these sentences a bit more general, e.g.
"Combined WebRTC/anonymity service
   implementations SHOULD arrange to route the media as well as the
   signaling through the anonymity network. Currently with e.g. Tor this will
   produce very suboptimal performance.