[secdir] Secdir review of draft-ietf-sipcore-refer-clarifications-04

Radia Perlman <radiaperlman@gmail.com> Sun, 07 June 2015 05:11 UTC

Return-Path: <radiaperlman@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 3D50B1A87AA; Sat, 6 Jun 2015 22:11:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id pRD6CMS7cZe5; Sat, 6 Jun 2015 22:11:15 -0700 (PDT)
Received: from mail-lb0-x22b.google.com (mail-lb0-x22b.google.com [IPv6:2a00:1450:4010:c04::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E3AC1A87A9; Sat, 6 Jun 2015 22:11:14 -0700 (PDT)
Received: by lbbqq2 with SMTP id qq2so63794512lbb.3; Sat, 06 Jun 2015 22:11:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=FLd4cLYaithq9VvnVEv59hHGAN3JqWFyFJ/fvb7MR2M=; b=IloAUbKg+1v5fcuYedlsY1Aae/1IH0beSfXBdAuI1/z2FcTweJoZpN8ymeyq1+Q9WO PV4PsUdTtxZbjB3NY+UbfyrlIO5qAp8gEME9d1psvUhC0f1qPk6R9AadzFHEiFNVcf8O iK4bvPq+Sho4U6JF4vHHVbU4JZkN+MAEz9/L+NwEFwJQtjS3Z7NmiDZToeJKOBUGwp0e f6JMeuZ7yGzX0suXlg6dW1iJmfN0VdGOsLMNnzz69yf6DCt6g1lpmTjPabW0X3VgFsPC 3gY83zmkVjdQBEyD+RCW+JWShMskVgbAApvQ6bfawWYLoIXnGupgBAsn/iZPVpOXEJVz Y6+g==
MIME-Version: 1.0
X-Received: by with SMTP id 8mr5029091laj.56.1433653873113; Sat, 06 Jun 2015 22:11:13 -0700 (PDT)
Received: by with HTTP; Sat, 6 Jun 2015 22:11:13 -0700 (PDT)
Date: Sat, 6 Jun 2015 22:11:13 -0700
Message-ID: <CAFOuuo7N7cq0bd0-eMV_1F-PT69z_mWbJ4w8dAg4-Dpiq4CmBA@mail.gmail.com>
From: Radia Perlman <radiaperlman@gmail.com>
To: "secdir@ietf.org" <secdir@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-sipcore-refer-clarifications.all@tools.ietf.org
Content-Type: multipart/alternative; boundary=089e013c6b90d67da20517e68df6
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/jER9XY69NRBF2Y3_FTGOmK_PL8E>
Subject: [secdir] Secdir review of draft-ietf-sipcore-refer-clarifications-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Jun 2015 05:11:16 -0000

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This is a clarifications document describing the changes to RFC3515 that
were implied by the publication of RFC6665. The document is fairly opaque to
readers not familiar with those two RFCs (including me), but its claim that
it does not change the security considerations for RFC3515 beyond those
already stated in RFC6665 seem highly plausible. It's a little surprising
that the contentof this document wasn't folded into RFC6665, but assuming
that document was adequately reviewed, this one should be fine.