[secdir] SECDIR review of draft-ietf-mmusic-proto-iana-registration-05

Adam Montville <adam.w.montville@gmail.com> Mon, 22 February 2016 18:24 UTC

Return-Path: <adam.w.montville@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id B4A451A8F42; Mon, 22 Feb 2016 10:24:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id UGi7BKmbOcH6; Mon, 22 Feb 2016 10:24:13 -0800 (PST)
Received: from mail-oi0-x236.google.com (mail-oi0-x236.google.com [IPv6:2607:f8b0:4003:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00FF81B2BCA; Mon, 22 Feb 2016 10:24:13 -0800 (PST)
Received: by mail-oi0-x236.google.com with SMTP id w5so60908566oie.3; Mon, 22 Feb 2016 10:24:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:message-id:date :to:mime-version; bh=x61mNxHgTP6nz70gYHbx0/MgcoSO+gUpGNUkvSaQ5jk=; b=uDw83xAKGOUqQLOaNWUC7poSM0BeG8VA/q0yltU+DRUA2NIxijgoYz6uDzBpOJtUAW 315GFxrSHyuTdJFwY8aTCCESRS8KkzHSuZ7+F/DIu9pG8KNqkHn8lOM7/zAxvvO6n8/6 J5i/MgRMoWx0ga7+qqSMTwFvH93E2yNn6HaqAUGS2pna3uAQkmjk4zcT5+yvf9NcRmRB E1bqr3/m7wWMrdEssDdXuMy1EwxdVbRTL32yMZ8PYPbxUvkJRQ3LPg14aBTd0pmOXaO5 UqeTtxMq4/sTgzFs0yNCu/JggTg7i+GHCcBMz2ZYEJ37Mz9RoBDAqyclDxvo9ywZQRaI /2wA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:content-type:content-transfer-encoding :subject:message-id:date:to:mime-version; bh=x61mNxHgTP6nz70gYHbx0/MgcoSO+gUpGNUkvSaQ5jk=; b=BpJcjkVnivkkd0nmKJuDIC3+BNvth5EyemiaIZ0LiCnFslXqzZs6oUqe6wq06lp3Jm GazaZsf+yPRD1sC/vFfWdNGsMaiOpA5+TTMzxNReeMoZ4LQoSEu/KLTQ6NTxojByEWiY QHQggxaiVOXrye/Gl3YgDYq1UYpw2cUcpYtVzXyxuiRAKQtEo1nquHZkV2T1UJLAavgx KtWHjuSzl8Emj5vNop2K8PMPbgUgX6AkinQo3LtcCmnSzcYcG0z/I1bdcC+/f7hDBbw3 tPOO+rDPlnKNU7ktapXOCIjotTCVEUNG+3f3QpuUCWIlUMSAFUPHCVj67rnCEZOJrqHy 6CkA==
X-Gm-Message-State: AG10YOT+Wbbqx4kGX1PIprovson8o+NyoRjCaQ8ANAuZ0buxCJAT8EzZCVB/SSkqtNG8Lg==
X-Received: by with SMTP id o41mr23243429oik.57.1456165452428; Mon, 22 Feb 2016 10:24:12 -0800 (PST)
Received: from macbook-pro-2.attlocal.net (99-64-100-131.lightspeed.austtx.sbcglobal.net. []) by smtp.gmail.com with ESMTPSA id i5sm17507701obe.14.2016. (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 22 Feb 2016 10:24:10 -0800 (PST)
From: Adam Montville <adam.w.montville@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Message-Id: <020C51E3-4211-4C6D-9DE4-863F5004FA30@gmail.com>
Date: Mon, 22 Feb 2016 12:24:09 -0600
To: The IESG <iesg@ietf.org>, secdir@ietf.org, draft-ietf-mmusic-proto-iana-registration.all@tools.ietf.org
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/ArUyN1X-APblifFwVjX1dNSrm2U>
Subject: [secdir] SECDIR review of draft-ietf-mmusic-proto-iana-registration-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Feb 2016 18:24:14 -0000


I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

This draft specifies the transport realization for seven additional Session Description Protocol identifiers and creates a corresponding IANA registry for such, and relies on previously written security considerations, as it does not appear to introduce any new considerations.

Overall, this document is straightforward in purpose and is ready with nits.  

Possibly minor nits:

The first use of “SDP” in the first section is not spelled out.  I know that it is spelled out in the abstract, and I cannot recall what is/is not good form here.  To me, it would be more helpful if SDP were spelled out one more time in that first section (second paragraph of section 1).

In general, I favor writing for the reader over writing for the author.  As such I do not prefer using RFC identifiers as a replacement for a proper title, which would convey more meaning without dereferencing.  For example, in the second sentence of the second paragraph of section 1: “[RFC4145] specifies a general mechanism for…”  gets in the way of the primary purpose of the sentence when the reader needs to look up that reference to gain a clue.  This is especially true for readers new to the problem domain, which also means that this nit may not apply (it may well be expected that readers of this particular draft are not reasonably expected to be new to the domain). 

Kind regards,