[secdir] Review of draft-ietf-sipcore-presence-scaling-requirements-01
Tero Kivinen <kivinen@iki.fi> Mon, 24 August 2009 12:10 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 36B713A6995; Mon, 24 Aug 2009 05:10:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.539
X-Spam-Level:
X-Spam-Status: No, score=-2.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Iv+05zlJC2Bl; Mon, 24 Aug 2009 05:10:03 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by core3.amsl.com (Postfix) with ESMTP id 6F6583A67AD; Mon, 24 Aug 2009 05:10:02 -0700 (PDT)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.3/8.13.8) with ESMTP id n7OCA3Qq028373 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 24 Aug 2009 15:10:03 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.3/8.12.11) id n7OCA3x2029979; Mon, 24 Aug 2009 15:10:03 +0300 (EEST)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <19090.33563.491859.518026@fireball.kivinen.iki.fi>
Date: Mon, 24 Aug 2009 15:10:03 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: iesg@ietf.org, secdir@ietf.org
X-Mailer: VM 7.19 under Emacs 21.4.1
X-Edit-Time: 11 min
X-Total-Time: 10 min
Cc: draft-ietf-sipcore-presence-scaling-requirements@tools.ietf.org, sipping-chairs@tools.ietf.org
Subject: [secdir] Review of draft-ietf-sipcore-presence-scaling-requirements-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Aug 2009 12:10:05 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This documents lists set of requirements for the optimizations for SIP/SIMPLE when used in large inter-domain environments. As such it does not really have security considerations as it does not specify any protocol, but it does have some security requirements. Most of those security requirements are in type of "MUST NOT change security requirements of existing RFCs". I think the current document is good enough for security considerations / requirements area. One thing that do require more work is the abstract section. Now it is very short (single sentence) and it mostly says same thing as title of the document. It should give more information what is meant with "inter-domain" and give references to the "SIP/SIMPLE" already there, not just use those acronyms there withing expanding them or providing references. Taking few more sentenses from the "Introduction" section would fix that problem. Nits: Section "4. Considerations for Possible Optimizations": "Some initial work to address= these issues can be found in:" ^^^^ Extra '='-character. -- kivinen@iki.fi
- [secdir] Review of draft-ietf-sipcore-presence-sc… Tero Kivinen