[secdir] secdir review of draft-holmberg-dispatch-mcptt-rp-namespace-03

Melinda Shore <melinda.shore@gmail.com> Sat, 07 January 2017 05:44 UTC

From: Melinda Shore <melinda.shore@gmail.com>
To: draft-holmberg-dispatch-mcptt-rp-namespace@ietf.org, secdir@ietf.org, iesg@ietf.org
Message-ID: <43a2d0d2-9613-1ee5-4f2d-0b8f72bec5c1@gmail.com>
Date: Fri, 6 Jan 2017 20:43:54 -0900
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/oczGgfMR6Fma_Iu1lgM0LFM28UE>
Subject: [secdir] secdir review of draft-holmberg-dispatch-mcptt-rp-namespace-03

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Summary: Ready, with issues

This draft defines an additional Session Initiation Protocol (SIP)
Resource-Priority namespace to meet the requirements of the 3GPP
defined Mission Critical Push To Talk, and places this namespace in
the IANA registry.  The "Security Considerations" section is brief,
stating only "[t]his document has the same Security Considerations as
[RFC4412]."  I think that is actually not the case, as the security
considerations for a namespace registry are not the same as the
security considerations for the protocol in which the namespace is
being used.  It would probably be more correct to follow the model in,
say, RFC 6878 ("SIP Priority Field Registry") and say only "This
document does not have any impact on the security of the SIP MCPTT
protocol.  Its purpose is purely administrative in nature."

Otherwise, all's well.

Melinda