Last Call Review of draft-ietf-rtcweb-jsep-23
review-ietf-rtcweb-jsep-23-secdir-lc-hallam-baker-2017-10-06-00
| Request | Review of | draft-ietf-rtcweb-jsep |
|---|---|---|
| Requested revision | No specific revision (document currently at 26) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2017-08-11 | |
| Requested | 2017-07-28 | |
| Authors | Justin Uberti , Cullen Fluffy Jennings , Eric Rescorla | |
| I-D last updated | 2017-10-06 | |
| Completed reviews |
Secdir Last Call review of -23
by Phillip Hallam-Baker
(diff)
Opsdir Last Call review of -21 by Carlos M. MartÃnez (diff) Genart Last Call review of -21 by Robert Sparks (diff) |
|
| Assignment | Reviewer | Phillip Hallam-Baker |
| State | Completed | |
| Request | Last Call review on draft-ietf-rtcweb-jsep by Security Area Directorate Assigned | |
| Reviewed revision | 23 (document currently at 26) | |
| Result | Ready | |
| Completed | 2017-10-06 |
review-ietf-rtcweb-jsep-23-secdir-lc-hallam-baker-2017-10-06-00
Given the design constraints in which the protocol operates, it is hard to see how this could be done differently. I have two sets of security concerns. One is that implementations need to be designed so as to avoid buffer overrun conditions and also to prevent such conditions leading to a breach. Compression formats such as are inevitably used in video and image applications tend to make promiscuous use of nested length encoding formats that commonly lead to security vulnerabilities. This document does not have such a warning, having a reference on most of the security issues, a warning on this issue should appear in: https://tools.ietf.org/html/draft-ietf-rtcweb-security-08 The other security concern is that giving control over the host browser to run pretty much arbitrary code was always going to be a security disaster but there isn't much that can be done at this point.