[apps-discuss] Apps directorate review of draft-ivov-xmpp-cusax
Ted Hardie <ted.ietf@gmail.com> Mon, 15 July 2013 16:46 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC5C421E80E4; Mon, 15 Jul 2013 09:46:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.283
X-Spam-Level:
X-Spam-Status: No, score=-2.283 tagged_above=-999 required=5 tests=[AWL=0.316, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LlSrkR80pNc3; Mon, 15 Jul 2013 09:46:40 -0700 (PDT)
Received: from mail-ie0-x236.google.com (mail-ie0-x236.google.com [IPv6:2607:f8b0:4001:c03::236]) by ietfa.amsl.com (Postfix) with ESMTP id 08AB221E80E2; Mon, 15 Jul 2013 09:46:39 -0700 (PDT)
Received: by mail-ie0-f182.google.com with SMTP id s9so26757188iec.27 for <multiple recipients>; Mon, 15 Jul 2013 09:46:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:cc:content-type; bh=xwt7JrPL/8YrlALbYJqnDwIPpk2GYUa/PuZoALhMs9M=; b=xr1ouw9rbDFInLGoRGC+dSHMDJbXvesoZ3JzX7xr86tAY3l1ZaHcFnfmN4rJP75Jl9 Lu7irm8As7uH9V6JnNIgdNBy6anlulW3b8QZEkqY3nq6oIBXuRzg2eBx1OjxixyhydV1 mfnV8NiXqCwxvHUh7MZfYYeonT211efgnpOCdMt7tzqaffIjPr58LIrcKuZ7TaBhV6jK 3g2YvHCsGorZ/JJ6w3X12pcMS62fRklxhKj6O6MrrIkvbqxsS1k22D0b8RWeWCXiGxIw 9Ri0qzvXK+lD2uBmM5TuvrckGbcD9eAjU7P4eYPfqzvL+GRjRNkhPp7YJG5Zn6Ukiq0G Yi7Q==
MIME-Version: 1.0
X-Received: by 10.50.134.9 with SMTP id pg9mr7635116igb.29.1373906798599; Mon, 15 Jul 2013 09:46:38 -0700 (PDT)
Received: by 10.42.29.202 with HTTP; Mon, 15 Jul 2013 09:46:38 -0700 (PDT)
Date: Mon, 15 Jul 2013 09:46:38 -0700
Message-ID: <CA+9kkMDZfmGyhHnUguJJxLhS6gBiPcFQ0od+e_DQHRE3CdqPzA@mail.gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
To: draft-ivov-xmpp-cusax.all@tools.ietf.org, apps-discuss@ietf.org
Content-Type: multipart/alternative; boundary="047d7b41407eaf6b0104e18f9ada"
Cc: IESG <iesg@ietf.org>
Subject: [apps-discuss] Apps directorate review of draft-ivov-xmpp-cusax
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2013 16:46:40 -0000
I have been selected as the Applications Area Directorate reviewer for this draft (for background on appsdir, please see http://trac.tools.ietf.org/area/app/trac/wiki/ApplicationsAreaDirectorate). Please resolve these comments along with any other Last Call comments you may receive. Please wait for direction from your document shepherd or AD before posting a new version of the draft. Document: draft-ivov-xmpp-cusax-06 Title: CUSAX: Combined Use of the Session Initiation Protocol (SIP) and the Extensible Messaging and Presence Protocol (XMPP) Reviewer: Ted Hardie Review Date: July 15th, 2013 Summary: This document is ready for publication as an Informational RFC. Some additional text in the security considerations section (or pointers to external text) may be useful, but is not absolutely required. Minor Issues: The text in the security considerations does not seem to consider some attacks which appear obvious in light of the discussion of federation. The federation example points out that the mismatch between client capabilities may cause calls to be initiated with costs contrary to the expectation of the end user; this could, of course, be done maliciously as well as by accident. A back reference to the federation section with appropriate text (or text focusing on the attack surface) might be appropriate. Nits: I find the text: Today, in the context of the SIMPLE working group, somewhat odd in the context of an archival document.