Secdir last call review of draft-ietf-mmusic-dtls-sdp-22

Rich Salz <> Thu, 06 April 2017 17:00 UTC

Return-Path: <>
Received: from (localhost [IPv6:::1]) by (Postfix) with ESMTP id 297A6126CD8; Thu, 6 Apr 2017 10:00:00 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rich Salz <>
To: <>
Subject: Secdir last call review of draft-ietf-mmusic-dtls-sdp-22
X-Test-IDTracker: no
X-IETF-IDTracker: 6.49.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <>
Date: Thu, 06 Apr 2017 10:00:00 -0700
Archived-At: <>
X-Mailman-Version: 2.1.22
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 06 Apr 2017 17:00:00 -0000

Reviewer: Rich Salz
Review result: Has Nits

The term "ufrag" should be explained, or at least have a reference on
its first use.  It seems important :)

I think the "fingerprint" reference should be moved up to the bullet
list in section 4, from the bullet list in 5.1

Sec 4 uses the term "cryptographic random function" which is not a
common security term.  (See
 I would just say "strong random function"; it's the number of random
bits that counts.  Or use CSPRNG as the term.

In Sec 9, it seems like quoting all the old text is way too verbose. 
I would just say "replace with the following NEW TEXT"
If it's not replacing an entire section, then say "the nnn paragraphs
starting with xxxxx" or similar construct.