[Speermint] AD review: draft-ietf-speermint-voipthreats-05
Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com> Wed, 29 September 2010 15:14 UTC
Return-Path: <gonzalo.camarillo@ericsson.com>
X-Original-To: speermint@core3.amsl.com
Delivered-To: speermint@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 852CE3A6EEC for <speermint@core3.amsl.com>; Wed, 29 Sep 2010 08:14:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.377
X-Spam-Level:
X-Spam-Status: No, score=-106.377 tagged_above=-999 required=5 tests=[AWL=0.222, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GPd0jT-j4Cmc for <speermint@core3.amsl.com>; Wed, 29 Sep 2010 08:14:46 -0700 (PDT)
Received: from mailgw10.se.ericsson.net (mailgw10.se.ericsson.net [193.180.251.61]) by core3.amsl.com (Postfix) with ESMTP id DA5113A6EA6 for <speermint@ietf.org>; Wed, 29 Sep 2010 08:14:45 -0700 (PDT)
X-AuditID: c1b4fb3d-b7cbfae00000264e-69-4ca35810ae99
Received: from esealmw129.eemea.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw10.se.ericsson.net (Symantec Mail Security) with SMTP id 50.57.09806.01853AC4; Wed, 29 Sep 2010 17:15:28 +0200 (CEST)
Received: from esealmw129.eemea.ericsson.se ([153.88.254.177]) by esealmw129.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.3959); Wed, 29 Sep 2010 17:15:20 +0200
Received: from [131.160.126.180] ([131.160.126.180]) by esealmw129.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.3959); Wed, 29 Sep 2010 17:15:19 +0200
Message-ID: <4CA35805.80606@ericsson.com>
Date: Wed, 29 Sep 2010 18:15:17 +0300
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: speermint@ietf.org
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 29 Sep 2010 15:15:20.0063 (UTC) FILETIME=[2148D0F0:01CB5FE9]
X-Brightmail-Tracker: AAAAAA==
Subject: [Speermint] AD review: draft-ietf-speermint-voipthreats-05
X-BeenThere: speermint@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mailing list for the speermint working group <speermint.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/speermint>, <mailto:speermint-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/speermint>
List-Post: <mailto:speermint@ietf.org>
List-Help: <mailto:speermint-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/speermint>, <mailto:speermint-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Sep 2010 15:14:48 -0000
Hi, a couple of days ago I received a publication request for the following draft: https://datatracker.ietf.org/doc/draft-ietf-speermint-voipthreats/ Here you have my AD review of the draft (see below). The authors should be able to address all my comments fairly quickly. As soon as they revise the draft I will initiate its IETF LC. Thanks, Gonzalo draft-ietf-speermint-voipthreats-05 Expand acronyms on their first use (e.g., SPEERMINT in the title and VoIP in the Introduction). The Abstract and the Introduction attempt to explain the relationship between this draft and draft-ietf-speermint-requirements. However, Section 3.1 does a better job at that. Could you please clarify in the Introduction that the requirements in draft-ietf-speermint-requirements were derived from the threats documented in this draft? Also, please clarify that in addition to be the base for those requirements, this draft provides countermeasures to meet those requirements. Any SPEERMINT expert will probably understand that by reading the Abstract and the Introduction but clarifying those points will help readers who have not been that involved in the process. While message modification and eavesdropping is included in the threats against SF and MF, they do not seem to appear in the threats against LRF and LUF. Why? Section 4.5 recommends to use TCP instead of UDP. That advice is great, but the reasons Section 4.5 discusses are not that strong. The fact that the linux kernel has improved is irrelevant if an operator uses non-linux boxes. Also, an operator using UDP over IPsec, for instance, will not face the problems described there. The main recommendation in Section 4.5 seems to actually be to use an integrity protection mechanism. Clarifying that section would be useful. [refs.sbcfuncs] has been published as RFC 5853 A few references only include the title and the author fields. Adding the venue where they were published would be useful.
- [Speermint] AD review: draft-ietf-speermint-voipt… Gonzalo Camarillo
- Re: [Speermint] AD review: draft-ietf-speermint-v… Gonzalo Camarillo
- Re: [Speermint] AD review: draft-ietf-speermint-v… Gonzalo Camarillo
- Re: [Speermint] AD review: draft-ietf-speermint-v… Gonzalo Camarillo
- Re: [Speermint] AD review: draft-ietf-speermint-v… Jan Seedorf
- Re: [Speermint] AD review: draft-ietf-speermint-v… Gonzalo Camarillo
- Re: [Speermint] AD review: draft-ietf-speermint-v… Jan Seedorf