Re: [secdir] secdir review of: draft-ietf-behave-turn-tcp-06

Simon Perreault <simon.perreault@viagenie.ca> Mon, 29 March 2010 21:22 UTC

To: Patrick Cain <pcain@coopercain.com>
Cc: draft-ietf-behave-turn-tcp.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org

Thanks!

Simon

On 2010-03-29 16:17, Patrick Cain wrote:
> Hi,
>
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors.  Document editors and WG chairs should treat
> these comments just like any other last call comments.
>
>     The document defines an extension of Traversal Using Relays
>     around NAT (TURN), a relay protocol for NAT traversal, to allow a
>     TURN client to request TCP allocations, and defines new requests and
>     indications for the TURN server to open and accept TCP connections
>     with the client's peers.
>
> After reading the other four-letter protocol specs (TURN, STUN) I have no
> problems with this document. The new features do not raise any security
> concerns that are not already addressed in the base TURN documents.
>
> Pat Cain


-- 
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server        --> http://numb.viagenie.ca
vCard 4.0               --> http://www.vcarddav.org