Re: [apps-discuss] apps-team review of draft-ietf-fecframe-sdp-elements
"Ali C. Begen (abegen)" <abegen@cisco.com> Tue, 07 September 2010 20:08 UTC
Return-Path: <abegen@cisco.com>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 57CA93A6AB7; Tue, 7 Sep 2010 13:08:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.459
X-Spam-Level:
X-Spam-Status: No, score=-10.459 tagged_above=-999 required=5 tests=[AWL=0.140, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pVYPbbqw7bYb; Tue, 7 Sep 2010 13:08:28 -0700 (PDT)
Received: from sj-iport-2.cisco.com (sj-iport-2.cisco.com [171.71.176.71]) by core3.amsl.com (Postfix) with ESMTP id 8A1EF3A6AA6; Tue, 7 Sep 2010 13:08:28 -0700 (PDT)
Authentication-Results: sj-iport-2.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAPc4hkyrR7Hu/2dsb2JhbAChBHGlVIx1jkuFPQSEQ4hT
X-IronPort-AV: E=Sophos;i="4.56,330,1280707200"; d="scan'208";a="277109942"
Received: from sj-core-5.cisco.com ([171.71.177.238]) by sj-iport-2.cisco.com with ESMTP; 07 Sep 2010 20:08:56 +0000
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-5.cisco.com (8.13.8/8.14.3) with ESMTP id o87K8uOe007117; Tue, 7 Sep 2010 20:08:56 GMT
Received: from xmb-sjc-215.amer.cisco.com ([171.70.151.169]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 7 Sep 2010 13:08:56 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 07 Sep 2010 13:08:56 -0700
Message-ID: <04CAD96D4C5A3D48B1919248A8FE0D540D128DEB@xmb-sjc-215.amer.cisco.com>
In-Reply-To: <11907.1283888013.974202@puncture>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: apps-team review of draft-ietf-fecframe-sdp-elements
Thread-Index: ActOw5b9a5gvJ96zQty/SQ6Q5sf+xgAA/bxQ
References: <11907.1283888013.974202@puncture>
From: "Ali C. Begen (abegen)" <abegen@cisco.com>
To: Dave Cridland <dave@cridland.net>, General discussion of application-layer protocols <apps-discuss@ietf.org>, The IESG <iesg@ietf.org>
X-OriginalArrivalTime: 07 Sep 2010 20:08:56.0937 (UTC) FILETIME=[80ABF590:01CB4EC8]
X-Mailman-Approved-At: Wed, 08 Sep 2010 16:55:04 -0700
Subject: Re: [apps-discuss] apps-team review of draft-ietf-fecframe-sdp-elements
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2010 20:08:32 -0000
Hi Dave, I am off to PTO till the weekend (about to leave). But, here are my quick comments: > -----Original Message----- > From: Dave Cridland [mailto:dave@cridland.net] > Sent: Tuesday, September 07, 2010 10:34 PM > To: General discussion of application-layer protocols; The IESG; Ali C. Begen (abegen) > Subject: apps-team review of draft-ietf-fecframe-sdp-elements > > Hiya folks, > > I have been selected as the Applications Area Review Team reviewer > for this draft (for background on apps-review, please see > http://www.apps.ietf.org/content/applications-area-review-team). > > Please resolve these comments along with any other Last Call comments > you may receive. Please wait for direction from your document > shepherd or AD before posting a new version of the draft. > > Document: draft-ietf-fecframe-sdp-elements > Reviewer: Dave Cridland > Review Date: 2010-09-07 > > Summary: This draft has minor editorial issues, and one potential > issue. The document could be published as an RFC with the existing > encoding of repair-window, but some thought should be given to it. > > Major Issues: None > > Minor Issues: > > Section 4.6 describes an SDP attribute "repair-window", which seems > to have a possibly over-complicated representation. It has two > different units, one of which is the default. This yields three > different ways of expressing the same intent: > > 150 > 150ms > 150000us Correct. > It's unclear to me what benefit this brings, and the downside could > be that implementations only handle a subset of the possibilities, > resulting in a failure to interoperate. > > I would advise serious consideration of restricting this to one unit. > If microsecond resolutions are required, then obviously this would be > µs, resulting in the above being written only as: Personally and as the author, I was pretty much always fine with the ms. I don't think we will see any need for 'us' in the foreseeable future. But, some asked for it and defining it as an alternative unit was the simple solution. > 150000 This may address your concern but for the current implementations and applications, it might be more confusing. > This is unfortunately not a current option, and if there are existing > deployments, this may yield further problems. Right. However, I am open to suggestions. If majority thinks we should change it, I can do a quick revision. > Nits: > > The term "bytes" is sometimes used where I suspect "octets" would be > more precise. OK, will do one more pass in the next revision. > Security: > > I briefly cast my eye over the Security Considerations section - > please don't grant these comments the same weight as a security > review. > > There is advice that "It is RECOMMENDED [to] follow the security > considerations of SDP". I would have thought that following those > recommendations would be a requirement. I'm quite taken with using > both RECOMMENDED and SHOULD in the same sentence, mind, but I think > this could be phrased better. Will look into this. > It's also not clear what effect the SDP modification would actually > have - whether this is a denial of service or if it yields some other > attack. (My suspicion is that if an attacker is in a position to > perform this attack, then the attacker can subvert the media streams > entirely and do something much more interesting). Yes, he can certainly do more interesting and harmful stuff. But, doing harm without being detected would be worse and SDP modification is one way of doing it. Thanks again for the review. I will address these comments in the next revision (I will be back in the weekend). Cheers, acbegen > Dave. > -- > Dave Cridland - mailto:dave@cridland.net - xmpp:dwd@dave.cridland.net > - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ > - http://dave.cridland.net/ > Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
- [apps-discuss] apps-team review of draft-ietf-fec… Dave Cridland
- Re: [apps-discuss] apps-team review of draft-ietf… Ali C. Begen (abegen)