[secdir] secdir review of draft-ietf-behave-turn-uri-03.txt
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Mon, 19 October 2009 09:45 UTC
Date: Mon, 19 Oct 2009 11:46:03 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: petithug@acm.org
Cc: iesg@ietf.org, secdir@ietf.org
Subject: [secdir] secdir review of draft-ietf-behave-turn-uri-03.txt

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

The document introduces the turn: and turns: URI schemes. The security considerations point to the relevant documents, one of them being RFC 3958. Section 8 of RFC 3958 states that S-NAPTR application protocols "should define some form of end-to-end authentication to ensure that the correct destination has been reached." I think it would be useful to spell out how TURN meets this or whether there are reasons why TURN does not need such a sanity check. (1-2 sentences should be enough.)

/js

--
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>