[secdir] SECDIR review of draft-gellens-mime-bucket-bis

Chris Lonvick <clonvick@cisco.com> Tue, 28 June 2011 19:26 UTC

Return-Path: <clonvick@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97FC011E80F2; Tue, 28 Jun 2011 12:26:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Level:
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B7tCpitGPc3E; Tue, 28 Jun 2011 12:26:55 -0700 (PDT)
Received: from sj-iport-2.cisco.com (sj-iport-2.cisco.com [171.71.176.71]) by ietfa.amsl.com (Postfix) with ESMTP id 0CB3A11E807B; Tue, 28 Jun 2011 12:26:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=clonvick@cisco.com; l=832; q=dns/txt; s=iport; t=1309289214; x=1310498814; h=date:from:to:subject:message-id:mime-version; bh=H8UsYX5U3KE8l7DT2lktTz5RP8VaWLxblR51sHiZcXM=; b=YE7vUW7QrAY1/lZ6WDbuU/FapYfEYZ+VC/aLOZEOxx1O2ZUnLUzH1j2s N05sVbxLyr6IqkneXESxsuNl98wWUjtH5fnCl4VPOILXUZSMvrE9MSaw7 GjFW16U9HoFRfUZHfRmgVO8xzOYi1Jqn9XROqkGBLVoeUhb7fN49o/7YE 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgcFALUqCk6rRDoH/2dsb2JhbABTmEwBjnN3q3WeG4YwBIc0mx0
X-IronPort-AV: E=Sophos;i="4.65,438,1304294400"; d="scan'208";a="387949257"
Received: from mtv-core-2.cisco.com ([171.68.58.7]) by sj-iport-2.cisco.com with ESMTP; 28 Jun 2011 19:26:54 +0000
Received: from sjc-cde-032.cisco.com (sjc-cde-032.cisco.com [171.69.29.20]) by mtv-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id p5SJQsln028198; Tue, 28 Jun 2011 19:26:54 GMT
Date: Tue, 28 Jun 2011 12:26:54 -0700 (PDT)
From: Chris Lonvick <clonvick@cisco.com>
To: draft-gellens-mime-bucket-bis.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Message-ID: <Pine.GSO.4.63.1106281213140.26172@sjc-cde-032.cisco.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Subject: [secdir] SECDIR review of draft-gellens-mime-bucket-bis
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2011 19:26:55 -0000

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The document is very straightforward in that it describes codecs 
parameters and associated media types.  I agree with the conclusions in 
the security considerations section:
    The codecs parameter itself does not alter the security
    considerations of any of the media types with which it is used.  Each
    audio and video media type has its own set of security considerations
    that continue to apply, regardless of the use of the codecs
    parameter.

Regards,
Chris