Secdir last call review of draft-ietf-sipbrandy-osrtp-09

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Sean Turner
Review result: Has Issues

I had a read of the draft as well as the GENART and TSVART reviews (to avoid
duplicating comments).

Summary: Ready with (minor) issues

Issues:

0) I assume that the mismatch the TSVART refers to in the security
considerations has to do with 1) changing 4568 to require encryption but not
fail if authentication is not available, 2) pointing out that 4568's
requirement is routinely ignore for end-to-end encryption because using TLS
with intermediaries won't protect the SDP key, and 3) and reference errors (see
the next issue).  On 1, that's kind the point of OSRTP - take the encryption
you can get.  On 2, because it's the security considerations this document is
just saying don't expect to get end-to-end.  Assuming, I've interpreted this I
think this draft is okay.

1) I think these are just reference errors, but it would be good to double
check these (and I hadn't seen a response yet - might have missed it):

S4: Not sure about these references too RFC7435.  Maybe they should be to RFC
4568 instead?

s/The security considerations of [RFC7435] apply to OSRTP,
/The security considerations of [RFC4568] apply to OSRTP,

s/Section 8.3 of [RFC7435]/Section 8.3 of [RFC4568]

s/understood that the [RFC7435]/understood that the [RFC4568]

Bikesheds:

0) The fact that it's Informational struck me as odd.

1) The fact there are no updates listed also strikes me as odd.

Nits:

0) s2: Nits reports an error with the para.  I think it's:

s/RFC 2119 [RFC2119] RFC 8174 [RFC8174]
/RFC 2119 [RFC2119] [RFC8174]

1) s1, 2nd para: s/[RFC5939] ./[RFC5939].




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux