[martini] gin #65 (new): Secdir review of draft-ietf-martini-gin-10.txt

"martini issue tracker" <trac@tools.ietf.org> Wed, 17 November 2010 05:43 UTC

Return-Path: <trac@tools.ietf.org>
X-Original-To: martini@core3.amsl.com
Delivered-To: martini@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D2A253A6820 for <martini@core3.amsl.com>; Tue, 16 Nov 2010 21:43:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level:
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wGl-amTk3-di for <martini@core3.amsl.com>; Tue, 16 Nov 2010 21:43:00 -0800 (PST)
Received: from zinfandel.tools.ietf.org (unknown [IPv6:2001:1890:1112:1::2a]) by core3.amsl.com (Postfix) with ESMTP id 9BA8B3A680E for <martini@ietf.org>; Tue, 16 Nov 2010 21:43:00 -0800 (PST)
Received: from localhost ([::1] helo=zinfandel.tools.ietf.org) by zinfandel.tools.ietf.org with esmtp (Exim 4.72) (envelope-from <trac@tools.ietf.org>) id 1PIao5-0006EP-Aj; Tue, 16 Nov 2010 21:43:45 -0800
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: "martini issue tracker" <trac@tools.ietf.org>
X-Trac-Version: 0.11.7
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.11.7, by Edgewall Software
To: radiaperlman@gmail.com
X-Trac-Project: martini
Date: Wed, 17 Nov 2010 05:43:45 -0000
X-URL: http://tools.ietf.org/martini/
X-Trac-Ticket-URL: https://svn.tools.ietf.org/wg/martini/trac/ticket/65
Message-ID: <064.6f4e9c358a64a1928eba8fdef56f6e42@tools.ietf.org>
X-Trac-Ticket-ID: 65
X-SA-Exim-Connect-IP: ::1
X-SA-Exim-Rcpt-To: radiaperlman@gmail.com, martini@ietf.org
X-SA-Exim-Mail-From: trac@tools.ietf.org
X-SA-Exim-Scanned: No (on zinfandel.tools.ietf.org); SAEximRunCond expanded to false
Cc: martini@ietf.org
Subject: [martini] gin #65 (new): Secdir review of draft-ietf-martini-gin-10.txt
X-BeenThere: martini@ietf.org
X-Mailman-Version: 2.1.9
List-Id: Discussion of en-mass SIP PBX registration mechanisms <martini.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/martini>, <mailto:martini-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/martini>
List-Post: <mailto:martini@ietf.org>
List-Help: <mailto:martini-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/martini>, <mailto:martini-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Nov 2010 05:43:02 -0000

#65: Secdir review of draft-ietf-martini-gin-10.txt

 I have reviewed this document as part of the security directorate's
 ongoing effort to review all IETF documents being processed by the
 IESG.  These comments were written primarily for the benefit of the
 security area directors.  Document editors and WG chairs should treat
 these comments just like any other last call comments.

 This draft defines an extension to the SIP protocol to enable a more
 efficient encoding in the case where multiple phone numbers (those
 under the control of a SIP-PBX) can roam together. Backwards and
 forwards compatibility requirements make this change more complex than
 one might expect.

 There are no important security considerations for this document other
 than the amplification of some DoS attacks, and much of the
 information in the Security Considerations section is actually about
 requirements for protocol correctness. I would assume the rest
 duplicates information from the SIP specification, though I haven't
 checked. The bottom line is that I believe the document is just fine
 as it is.

 I found two minor typos:

 1) Page 3 para 2 line 3: "users" -> "user's"

 2) The indented text at the end of section 3  was copied from RFC4475,
 but in the copying some leading spaces on some of the lines were lost.
 Since the purpose of this text is to illustrate how embedded spaces in
 actual data will be represented in the body of this RFC, losing those
 spaces negates the value of the section.

-- 
------------------------------------+---------------------------------------
 Reporter:  radiaperlman@…          |       Owner:            
     Type:  defect                  |      Status:  new       
 Priority:  minor                   |   Milestone:  milestone1
Component:  gin                     |     Version:  1.0       
 Severity:  Submitted WG Document   |    Keywords:            
------------------------------------+---------------------------------------

Ticket URL: <https://svn.tools.ietf.org/wg/martini/trac/ticket/65>
martini <http://tools.ietf.org/martini/>