Re: [Sipbrandy] WGLC: draft-ietf-sipbrandy-osrtp-04 - Christer's review

[Christer Holmberg <christer.holmberg@ericsson.com>]

Hi,

>> Below is my WGLC review.
>>
>> I base my review based on the assumption that the associated MMUSIC 
>> draft is not going to be progressed, and that 
>> draft-ietf-sipbrandy-osrtp is the ONLY deliverable related to OSRTP and SDP O/A.
>>
>> Also, some of my comments is repeating what I have said previously, 
>> but I include them in my review in order to have everything in one place.
>>
>>
>> GENERAL:
>> --------
>>
>> QG_1: The draft will be published as an Informational RFC (I know the 
>> reason, so no need to discuss that). Because of that, many SDOs will 
>> not be able to normatively reference it. So, if such SDO wants to 
>> adopt SDP O/A procedures of OSRTP (I know there are SDOs, or at least 
>> SDO members, interested in OSRTP), they would have to "re-define" the 
>> procedures themselves.
>>
>> I wonder whether it would be useful to include some text/guidance 
>> regarding that in the document, i.e., recommending that such 
>> procedures are based on the procedures in the draft, for interoperability purpose etc?
>
> [Andy H] - Personally I don't see the need for this but if you want this and want to provide text I would not object.

I think it is important to inform the community that IETF do not (at the time of publishing the document) intend to define normative SDP O/A procedures for OSRTP, and that anyone who needs normative procedures will have to define them themselves.

...

>> Section 1:
>> ----------
>>
>>
>> Q1_1: Shall we really reference individual drafts that will not progress?
>> Couldn't we simply talk about "based on previous work and studies done 
>> by Hadriel Kaplan"
>
> [AndyH] - I would prefer to keep the reference to the individual draft given that this draft is informational I think 
> it is good information to have and the kaplan draft referenced is well known.

Then please add a note saying that the work on the draft is not expected to continue, and that it is referenced only to give some background information. 

I sometimes get questions about the status of drafts that haven't progressed for a long time (or will never progress), so I think it is important to indicate that this draft will not progress.

...

>> Q3_2: Eventhough the document is Informational, since Section 3 does 
>> contain O/A text I think it should be done properly, describing how 
>> the offer is generated, how the answer is generated etc.
>
> [AndyH - I believe the text has all the relevant information but it could rewritten in the 
> traditional form of "Generating the Initial SDP Offer" and "Generating the SDP Answer" I don't 
> have a strong opinion on this but just want to get this done so whatever allows it to get done gets my vote.

Yes, but we should still use the correct structure. I can provide some help, if needed.

>> Q3_3: There is no text on subsequent offers. If security has been 
>> negotiated in a previous O/A exchange, what profile values etc do I 
>> include in subsequent offers?
>
> [AndyH] - I don't see any special procedures for subsequent offers it is the same as the initial offer if we 
> have to update the document it may be worth pointing this out.

Has there been discussions on whether the subsequent offer really is the same?

For example, if the initial O/A has resulted in SAVP, would you still use AVP in a subsequent offer?

Whatever the outcome, it needs to be documented.

>> Section 4:
>> ----------
>>
>> Q4_1: Doesn¹t the last paragraph belong in the Applicability section?
>
> [AndyH] - It is I think good to say when not to use these procedures in the security considerations but it 
> could also be considered part of the applicability section. I think as long as it is stated in the document we are okay.

I still think it belongs in the Applicability section, but I will not argue about. You can keep it as it is :)

Regards,

Christer