[secdir] Review of draft-ietf-sipcore-presence-scaling-requirements-01

Tero Kivinen <kivinen@iki.fi> Mon, 24 August 2009 12:10 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 36B713A6995; Mon, 24 Aug 2009 05:10:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.539
X-Spam-Level:
X-Spam-Status: No, score=-2.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Iv+05zlJC2Bl; Mon, 24 Aug 2009 05:10:03 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by core3.amsl.com (Postfix) with ESMTP id 6F6583A67AD; Mon, 24 Aug 2009 05:10:02 -0700 (PDT)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.3/8.13.8) with ESMTP id n7OCA3Qq028373 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 24 Aug 2009 15:10:03 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.3/8.12.11) id n7OCA3x2029979; Mon, 24 Aug 2009 15:10:03 +0300 (EEST)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <19090.33563.491859.518026@fireball.kivinen.iki.fi>
Date: Mon, 24 Aug 2009 15:10:03 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: iesg@ietf.org, secdir@ietf.org
X-Mailer: VM 7.19 under Emacs 21.4.1
X-Edit-Time: 11 min
X-Total-Time: 10 min
Cc: draft-ietf-sipcore-presence-scaling-requirements@tools.ietf.org, sipping-chairs@tools.ietf.org
Subject: [secdir] Review of draft-ietf-sipcore-presence-scaling-requirements-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Aug 2009 12:10:05 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This documents lists set of requirements for the optimizations for
SIP/SIMPLE when used in large inter-domain environments. As such it
does not really have security considerations as it does not specify
any protocol, but it does have some security requirements. Most of
those security requirements are in type of "MUST NOT change security
requirements of existing RFCs".

I think the current document is good enough for security
considerations / requirements area.

One thing that do require more work is the abstract section. Now it is
very short (single sentence) and it mostly says same thing as title of
the document. It should give more information what is meant with
"inter-domain" and give references to the "SIP/SIMPLE" already there,
not just use those acronyms there withing expanding them or providing
references.

Taking few more sentenses from the "Introduction" section would fix
that problem.

Nits:

Section "4.  Considerations for Possible Optimizations":

"Some initial work to address= these issues can be found in:"
			    ^^^^
Extra '='-character.
-- 
kivinen@iki.fi