Last Call Review of draft-ietf-avt-rapid-rtp-sync-
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other comments.
The extensions described in this document probably do not cause any security problems for the Internet. As the security considerations section says, the security of these extensions inherit most of the security considerations of RTP.
From my admittedly naive reading, it seems that an attacker could use one or more of these extensions to amplify a denial-of-service attack by causing nodes to try to synch when they can't; if so, that might be added to the security considerations section. However, this is a trivial point even if true, and the document is fine as-is.
--Paul Hoffman, Director