I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please resolve these comments along with any other Last Call comments
you may receive.
Document: Diameter Polic Processing Application
Reviewer: Joel M. Halpern
Review Date: 6-January-2008
IETF LC End Date: 17-January-2008
IESG Telechat date: N/A
Summary: This document is nearly ready for publication as an information
RFC.
The first of the two comments below is probably primarily the IESG's
concern, although it affects the IETF last call.
The second comment is a more general issue.
Comments:
This document requests assignment of a Diameter Command Code.
As this requires "IETF Consensus" additional care may be needed to
ensure that the Last Call produces clarity on the required consensus.
It would seem appropriate for the last call announcement to have
indicated this requirement. It is difficult to claim "IETF Consensus"
from the typical non-response to IETF last call for informational documents.
It seems exceedingly unlikely that the protocol exchanges to support a
separate policy processing application introduce no new security issues
compared with the Diameter base protocol in the assumed Diameter
deployment. Obviously, as I am not performing a full review of the
PEM-1 protocol, I can not assert that there are or are not security
implications, but it would seem that there are likely to be such. I
would be less concerned, but examination of the PEM-1 specification did
not show the existence of a security discussion which could be taken to
serve in lieu of such a section.
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf