[My apologies to those receiving this twice; I do not know why typing draft names seems to be so hard.]

Hi all,

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

I think this document is ready.

The main goal is to provide an authenticated indicator to the webrtc peers that confidentiality is needed for the "media" (video, audio) streams of that webrtc session (or that it is not needed); ALPN, which is bound to the DTLS handshake, is used to do so.

The only potentially interesting direct consequence that I see is that this constrains any other (future) usage of ALPN by webrtc, since only one ALPN label can be selected for a given DTLS association. Should a need arise, presumably additional ALPN labels can be defined that describe the appropriate combination of confidentiality and any future protocol needs.

This document is not intended to cover the details of how the actual webrtc sessions are established and cryptographically protected (if necessary), so there does not seem to be a need for it to discuss the security considerations relevant to those parts of the protocol.

-Ben