[secdir] secdr review of draft-ietf-avtext-rtp-duplication

David Harrington <ietfdbh@comcast.net> Tue, 04 February 2014 02:54 UTC

To: draft-ietf-avtext-rtp-duplication.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

From a security perspective, I believe this draft is Ready for publication.

I am not an expert in RTP, RTCP, and related protocols. I assume this is a valid extension based largely on the authorship by Ali Begen, and suggestions by Magnus Westerlund.

I have a concern with section 3.4, which lists two states that are REQUIRED to exist for this specification, and then discusses that other approaches could work but would require an additional specification. Doesn't that make this appropriate for SHOULD rather than REQUIRED terminology?

In section 4.2, "We require …"; does the protocol specification REQUIRE this?

s/section section/section/

David Harrington