[secdir] secdir review of draft-ietf-avtcore-5761-update-01

"Scott G. Kelly" <scott@hyperthought.com> Thu, 22 September 2016 00:57 UTC

Date: Wed, 21 Sep 2016 17:57:20 -0700
From: "Scott G. Kelly" <scott@hyperthought.com>
To: "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-avtcore-5761-update.all@tools.ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/wNgHNOohjfA_agG2sJSt7rgJVjo>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

From the abstract:

   This document updates RFC 5761 by clarifying the SDP offer/answer
   negotiation of RTP and RTCP multiplexing.  It makes it clear that an
   answerer can only include an "a=rtcp-mux" attribute in an SDP answer
   if the associated SDP offer contained the attribute.

The security considerations section says

   The security considerations for RTP and RTCP multiplexing are
   described in RFC 5761.  This specification does not impact those
   security considerations.

I agree; I see no new security issues with this draft.