I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft. For background on Gen-ART, please see the FAQ
at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>
Please resolve these comments along with any other comments you may receive.
Document: draft-ietf-avtext-client-to-mixer-audio-level-05.txt
Reviewer: Alexey Melnikov
Review Date: 2011-09-25
IETF LC End Date: 2011-10-04
IESG Telechat date:
Summary: The document is ready for publication as a standards track RFC.
Major issues: none
Minor issues:
Question: are the two encoding of the audio level indication option
specified in the document really necessary?
Nits/editorial comments:
6. Security Considerations
A malicious endpoint could choose to set the values in this header
extension falsely, so as to falsely claim that audio or voice is or
is not present. It is not clear what could be gained by falsely
claiming that audio is not present, but an endpoint falsely claiming
that audio is present could perform a denial-of-service attack on an
audio conference, so as to send silence to suppress other conference
members' audio. Thus, if a device relys on audio level data from
s/relys/relies ???
untrusted endpoints, it SHOULD periodically audit the level
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf