Reorder to put identity bindings first #5
Conversation
I did some reframing to justify this organization. This probably needs another review.
martinthomson
force-pushed
the
reorder
branch
from
250def2
to
936f41b
Compare
|
|
||
| This attack applies to any communications established based on the SDP | ||
| `fingerprint` attribute {{!RFC8122}}. | ||
| A similar attack can be mounted without to any communications established based |
| @@ -273,50 +448,17 @@ conduct two sessions concurrently, if the attacker (Mallory) is on the network | |||
| path between the victims, and if the same certificate - and therefore SDP | |||
There was a problem hiding this comment.
This attack creates an asymmetry in the beliefs about the identity of peers. However, this attack is only possible if the victim (Norma) is willing to conduct two sessions concurrently
Unless I'm mistaken, the precondition here is even more difficult than this phrasing would imply. Assuming my understanding is correct, I believe the following wording would be more accurate: ...is only possible if the victim (Norma) can be compelled to initiate two concurrent sessions nearly simultaneously...
Don't treat this comment as blocking. If you agree, make the change; if you don't, discard it and move the document forward.
| @@ -349,21 +491,21 @@ identifier. | |||
|
|
|||
There was a problem hiding this comment.
This document only defines use of this extensions for SDP
Nit: "...this extension..."
|
Thanks Adam! |
I did some reframing to justify this organization. This probably needs
another review.
Attn. @adamroach - preview of complete draft because the diff is pretty hard to follow.