Re: [secdir] secdir review of draft-holmberg-dispatch-mcptt-rp-namespace-03

Christer Holmberg <> Sun, 08 January 2017 20:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E63D3127ABE; Sun, 8 Jan 2017 12:34:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id YT5OsNaqHb1P; Sun, 8 Jan 2017 12:34:05 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 945DF1298B9; Sun, 8 Jan 2017 12:34:04 -0800 (PST)
X-AuditID: c1b4fb3a-46fff70000005d1c-46-5872a23aa34d
Received: from (Unknown_Domain []) by (Symantec Mail Security) with SMTP id 92.A0.23836.A32A2785; Sun, 8 Jan 2017 21:34:02 +0100 (CET)
Received: from ([]) by ([]) with mapi id 14.03.0319.002; Sun, 8 Jan 2017 21:34:44 +0100
From: Christer Holmberg <>
To: Melinda Shore <>, "" <>, "" <>, "" <>
Thread-Topic: secdir review of draft-holmberg-dispatch-mcptt-rp-namespace-03
Thread-Index: AQHSaKkSg8yUgjsWtEClPr+gVJEw4KEvC2zA
Date: Sun, 08 Jan 2017 20:34:00 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrGLMWRmVeSWpSXmKPExsUyM2J7uK7VoqIIg3unJS1W3U+1mPFnIrNF W9ssFosPCx+yOLB47Jx1l91jyZKfTAFMUVw2Kak5mWWpRfp2CVwZG+4WFnwRrPi2+z57A+MO wS5GTg4JAROJvWefM3cxcnEICaxjlJh6bg47hLOYUWLa1Q6gDAcHm4CFRPc/bZAGEYEnjBKN k0NBbGEBb4kLi/6yQcR9JGYfO88OYRtJnL7TxQRiswioSCza9AwszivgKzFhxyZWEFtIwEbi Yl8XI4jNKWArsXvyKmYQm1FATOL7qTVgvcwC4hK3nsxngjhUQGLJnvPMELaoxMvH/1ghbCWJ Rbc/M4GcySygKbF+lz5Eq6LElO6HUGsFJU7OfMIygVFkFpKpsxA6ZiHpmIWkYwEjyypG0eLU 4uLcdCMjvdSizOTi4vw8vbzUkk2MwNg4uOW31Q7Gg88dDzEKcDAq8fB+CC6KEGJNLCuuzD3E KMHBrCTCa7YAKMSbklhZlVqUH19UmpNafIhRmoNFSZzXbOX9cCGB9MSS1OzU1ILUIpgsEwen VAPj4j2H1tb+fVjx5vWyBaHBx89cPV+2wCo4vlV4xiX5Y6vLNifNlfvJtyJ4j0cRx6rcLvOr hQ+nexe9jZ5xsen+y/rwYzM27XJ75F1VMXkjl9m7wIeFTe1+ff/MnCXbfkcE5MgqL3NLalE+ 8qo15ZL0zq3vTrdkHo0pXqK27LnqmZSbTIZs58v0lFiKMxINtZiLihMB5ZkYUYkCAAA=
Archived-At: <>
Subject: Re: [secdir] secdir review of draft-holmberg-dispatch-mcptt-rp-namespace-03
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 08 Jan 2017 20:34:07 -0000

Hi Melinda,

Thanks for your review!

You have a good point regarding the statement in the security considerations, and I'm ok to modify the text as suggested.



-----Original Message-----
From: Melinda Shore [] 
Sent: 07 January 2017 07:44
Subject: secdir review of draft-holmberg-dispatch-mcptt-rp-namespace-03

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

Summary: Ready, with issues

This draft defines an additional Session Initiation Protocol (SIP) Resource-Priority namespace to meet the requirements of the 3GPP defined Mission Critical Push To Talk, and places this namespace in the IANA registry.  The "Security Considerations" section is brief, stating only "[t]his document has the same Security Considerations as [RFC4412]."  I think that is actually not the case, as the security considerations for a namespace registry are not the same as the security considerations for the protocol in which the namespace is being used.  It would probably be more correct to follow the model in, say, RFC 6878 ("SIP Priority Field Registry") and say only "This document does not have any impact on the security of the SIP MCPTT protocol.  Its purpose is purely administrative in nature."

Otherwise, all's well.