[secdir] secdir review of draft-ietf-sip-record-route-fix-06

Chris Lonvick <clonvick@cisco.com> Tue, 30 June 2009 19:24 UTC

Date: Tue, 30 Jun 2009 12:23:53 -0700
From: Chris Lonvick <clonvick@cisco.com>
To: iesg@ietf.org, secdir@ietf.org, Thomas.Froment@alcatel-lucent.fr, Christophe.Lebel@alcatel-lucent.fr, ben.bonnaerens@alcatel-lucent.be, Dean Willis <dean.willis@softarmor.com>, Keith Drage <drage@alcatel-lucent.com>, Dan Romascanu <dromasca@avaya.com>

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
These comments were written primarily for the benefit of the security area 
directors.  Document editors and WG chairs should treat these comments 
just like any other last call comments.

The document explains the problems with SIP record route recommendations 
from prior documents and proposes a solution that should result in 
consistent behaviour.  While I am not intimately familiar with SIP and SIP 
proxying, I think that this is a good thing.

The Security Considerations section is appropriate for this document.

I did come across two nits in my review.  The first is that the Abstract 
contains "sip" and "sips" but those are all uppercase throughout the rest 
of the document.  The rest of that paragraph could use some scrutiny as 
well to make some parts of it more clear.

Also, the third paragraph in section 5 talks about a "spiral".  That 
concept is not defined in this document so I couldn't tell if it is a good 
thing, or a bad thing.

Regards,
Chris