[Sipbrandy] Opsdir last call review of draft-ietf-sipbrandy-rtpsec-07
Dan Romascanu <dromasca@gmail.com> Tue, 26 February 2019 10:16 UTC
Return-Path: <dromasca@gmail.com>
X-Original-To: sipbrandy@ietf.org
Delivered-To: sipbrandy@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D7C6D130EB8; Tue, 26 Feb 2019 02:16:03 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Dan Romascanu <dromasca@gmail.com>
To: ops-dir@ietf.org
Cc: sipbrandy@ietf.org, draft-ietf-sipbrandy-rtpsec.all@ietf.org, ietf@ietf.org, dromasca@gmail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 6.92.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <155117616382.12098.15230968773030912720@ietfa.amsl.com>
Date: Tue, 26 Feb 2019 02:16:03 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipbrandy/qRqwBVLcJJgtUf9L2nKu5YI72BU>
Subject: [Sipbrandy] Opsdir last call review of draft-ietf-sipbrandy-rtpsec-07
X-BeenThere: sipbrandy@ietf.org
X-Mailman-Version: 2.1.29
List-Id: SIPBRANDY working group discussion list <sipbrandy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipbrandy>, <mailto:sipbrandy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipbrandy/>
List-Post: <mailto:sipbrandy@ietf.org>
List-Help: <mailto:sipbrandy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipbrandy>, <mailto:sipbrandy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Feb 2019 10:16:04 -0000
Reviewer: Dan Romascanu Review result: Ready This document with an intended status BCP describes best practices for negotiating confidential media with SIP which include two approaches: comprehensive protection solutions which bind the media to SIP-layer identities, and opportunistic security solutions. The document is Ready from an OPS-DIR point of view. As the document does not define new protocols but rather refers existing specifications, a full RFC 5706 review does not apply. I have two non-blocking comments from an operational point of view: 1. The two approaches seem to differ from several aspects including the maturity of the specification. Comprehensive protection relies on a set of stable RFCs, while opportunistic solutions refer two work-in-progress IDs. It would be useful to mention this, and maybe include a comparative list of features which would help in selecting the appropriate solution from case to case 2. We are missing in the SIP realm some documentation about the impact of applying the various confidentiality approaches on manageability. For example is observability impacted? Can session statistics be retrieved and error condition signaled? Do approaches like RTCP-XR still apply? Maybe this BCP can be a good place for such an operational consideration section.
- [Sipbrandy] Opsdir last call review of draft-ietf… Dan Romascanu