[secdir] Review of draft-ietf-mmusic-trickle-ice-sip-12

Shawn Emery <shawn.emery@gmail.com> Tue, 23 January 2018 00:56 UTC

To: secdir@ietf.org, draft-ietf-mmusic-trickle-ice-sip.all@tools.ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/4w-o8Ww9qkEvoikufXfbDNG2bKA>

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft specifies how the Session Initiation Protocol (SIP) can use the
non-blocking version of the Interactive Connectivity Establishment (ICE)
protocol, Trickle ICE, and defines a new registry for this usage.

The security considerations section does exist and defers security concerns
to draft-ietf-mmusic-ice-sip-sdp, RFC 6086, and draft-ietf-ice-trickle.

1. draft-ietf-mmusic-ice-sip-sdp
   This will hopefully be available for a secdir review in the near future;
   see the general comments concern below.
2. RFC 6086
   6086 prescribes S/MIME if the environment requires payloads to be private
   and also suggests a digest challenge in order to provide integrity
   protection.
3. draft-ietf-ice-trickle
   Defers to draft-ietf-ice-rfc5245bis.  ice-sip should reference the 5245bis
   draft directly.  I won't duplicate Stephen's efforts in reviewing 5245bis.

General comments:

I'm concerned about the normative references to ietf-mmusic-ice-sip-sdp.
This draft should progress before or along with any dependents.

Editorial comments:

Some of the abbreviations are not expanded and are not listed as well known
by the RFC Editor:

SDP
AOR
STUN
TURN
GRUU (needs to be expanded in Section 3.1)

This makes it cumbersome to follow the specification.

Shawn.