Last Call Review of draft-ietf-webpush-protocol-10
review-ietf-webpush-protocol-10-secdir-lc-nystrom-2016-10-20-00
| Request | Review of | draft-ietf-webpush-protocol |
|---|---|---|
| Requested revision | No specific revision (document currently at 12) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2016-10-11 | |
| Requested | 2016-09-29 | |
| Authors | Martin Thomson , Elio Damaggio , Brian Raymor | |
| I-D last updated | 2016-10-20 | |
| Completed reviews |
Secdir Last Call review of -10
by Magnus Nyström
(diff)
Opsdir Last Call review of -10 by Dan Romascanu (diff) |
|
| Assignment | Reviewer | Magnus Nyström |
| State | Completed | |
| Request | Last Call review on draft-ietf-webpush-protocol by Security Area Directorate Assigned | |
| Reviewed revision | 10 (document currently at 12) | |
| Result | Ready | |
| Completed | 2016-10-20 |
review-ietf-webpush-protocol-10-secdir-lc-nystrom-2016-10-20-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document describes how a user agent can establish a relationship with a push service (a subscription) and then share that distribution node information with various applications. As such, the document is well written and has a comprehensive security considerations section. The only slight concern I have is related to the authorization of receiving push messages. The technique used is essentially bearer tokens (knowledge of a URL). It therefore seems as if unintended sharing of such a capability URL could cause other user agents to get access to push notifications. I wonder if the work around token binding in TLS (holder-of-key tokens) could be applicable here, at least in the future. -- Magnus