I have reviewed this document as part of the security directorate's 

ongoing effort to review all IETF documents being processed by the 

IESG.  These comments were written primarily for the benefit of the 

security area directors.  Document editors and WG chairs should treat 

these comments just like any other last call comments.

This document concerns the requirements for peering at the session layer using the SIP protocol

in order to exchange multimedia traffic.   The security requirements are presented

in the Security Considerations section.  It addresses three parts : acquisition of session establishment

data, SIP signaling exchanges, end End-to-end media security.  For session establishment data acquisition,

the document says that both authentication and confidentiality MUST be supported.  For SIP signaling exchanges,

the authors note that this is beyond the scope of the document, but gives some recommendations without normative 

requirements.  For media exchange the requirements are that the session peering protocols MUST NOT interfere with

any security mechanisms of the media exchange protocols.

I found the security considerations section well-thought out and well-motivated,  The authors were careful to give reasons

for all their assertions, and their discussion of security mechanisms for SIP signaling exchanges is also welcome in that it provides

context, even though it is strictly outside the scope of the document.  I do not see any problems here.

 

Catherine Meadows

Naval Research Laboratory

Code 5543

4555 Overlook Ave., S.W.

Washington DC, 20375

phone: 202-767-3490

fax: 202-404-7942

email: 

catherine.meadows at nrl.navy.mil

 

_______________________________________________
secdir mailing list
secdir at mit.edu


https://mailman.mit.edu/mailman/listinfo/secdir