[secdir] Secdir Last Call Review of draft-ietf-mmusic-data-channel-sdpneg-24
"Steve Hanna" <steve01@hannas.com> Mon, 11 March 2019 00:41 UTC
Return-Path: <steve01@hannas.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85DD61275F3; Sun, 10 Mar 2019 17:41:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DAzvkDCN-x1C; Sun, 10 Mar 2019 17:41:19 -0700 (PDT)
Received: from smtprelay.hostedemail.com (smtprelay0188.hostedemail.com [216.40.44.188]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4A9D126C87; Sun, 10 Mar 2019 17:41:18 -0700 (PDT)
Received: from filter.hostedemail.com (clb03-v110.bra.tucows.net [216.40.38.60]) by smtprelay05.hostedemail.com (Postfix) with ESMTP id 41B571803045B; Mon, 11 Mar 2019 00:41:17 +0000 (UTC)
X-Session-Marker: 737465766530314068616E6E61732E636F6D
X-Spam-Summary: 40, 2.5, 0, , d41d8cd98f00b204, steve01@hannas.com, :::::, RULES_HIT:10:41:355:379:541:542:973:982:988:989:1155:1260:1277:1311:1313:1314:1345:1381:1437:1515:1516:1518:1534:1541:1587:1593:1594:1711:1730:1747:1777:1792:2198:2199:2393:2559:2562:2894:2911:3138:3139:3140:3141:3142:3352:3865:3866:3867:3868:3870:3872:3874:4250:4425:5007:6119:7903:8660:10011:10400:10848:11658:11914:11984:12109:12114:12679:12760:13069:13148:13161:13229:13230:13311:13357:13439:14040:14096:14097:14195:14721:21080:21212:21324:21433:21627:30006:30045:30054, 0, RBL:184.88.10.175:@hannas.com:.lbl8.mailshell.net-62.8.0.186 64.201.201.201, CacheIP:none, Bayesian:0.5, 0.5, 0.5, Netcheck:none, DomainCache:0, MSF:not bulk, SPF:fn, MSBL:0, DNSBL:neutral, Custom_rules:0:1:0, LFtime:28, LUA_SUMMARY:none
X-HE-Tag: group11_7f8dee4a51c00
X-Filterd-Recvd-Size: 2163
Received: from DESKTOP1IV8FA2 (184-088-010-175.res.spectrum.com [184.88.10.175]) (Authenticated sender: steve01@hannas.com) by omf18.hostedemail.com (Postfix) with ESMTPA; Mon, 11 Mar 2019 00:41:16 +0000 (UTC)
Reply-To: steve@hannas.com
From: Steve Hanna <steve01@hannas.com>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-mmusic-data-channel-sdpneg.all@ietf.org
Date: Sun, 10 Mar 2019 20:41:16 -0400
Message-ID: <03dd01d4d7a3$23a209d0$6ae61d70$@hannas.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-us
Thread-Index: AdTXot6upCK+Lt3iTkODqB4rHpbPhg==
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/y7Dlsq3y3YLjrYf3HPO2Dmh979A>
X-Mailman-Approved-At: Sun, 10 Mar 2019 17:56:39 -0700
Subject: [secdir] Secdir Last Call Review of draft-ietf-mmusic-data-channel-sdpneg-24
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2019 00:47:24 -0000
Review result: Ready with nits Reviewer: Steve Hanna I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments. This document specifies how the SDP (Session Description Protocol) offer/answer exchange can be used to achieve an out-of-band non-DCEP negotiation for establishing a data channel. Major Concerns: None Minor Concerns: The last sentence in the Security Considerations section says: Error cases like the use of unknown parameter values or violation the odd/even rule must be handled by closing the corresponding Data Channel. I suspect that the "must" in this sentence should be "MUST". Nothing else in the document seems to state this requirement but it does seem necessary. Nits: This document has many small English language errors. For example, the first paragraph of the Introduction has three things that need to be corrected: - s/a bi-directional data channels/bi-directional data channels/ - s/prtocols/protocols/ - s/an endpoint applications/endpoint applications/ Please enlist a native English speaker as a proofreader.
- [secdir] Secdir Last Call Review of draft-ietf-mm… Steve Hanna
- Re: [secdir] Secdir Last Call Review of draft-iet… Roni Even (A)
- Re: [secdir] Secdir Last Call Review of draft-iet… Steve Hanna