Last Call Review of draft-ietf-avtcore-rtp-circuit-breakers-13

Request Review of draft-ietf-avtcore-rtp-circuit-breakers
Requested rev. no specific revision (document currently at 18)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2016-03-09
Requested 2016-02-25
Authors Colin Perkins, Varun Singh
Draft last updated 2016-03-10
Completed reviews Genart Early review of -11 by Meral Shirazipour (diff)
Genart Last Call review of -13 by Meral Shirazipour (diff)
Genart Last Call review of -14 by Meral Shirazipour (diff)
Secdir Last Call review of -13 by Magnus Nystrom (diff)
Opsdir Last Call review of -13 by Scott Bradner (diff)
Assignment Reviewer Magnus Nystrom
State Completed
Review review-ietf-avtcore-rtp-circuit-breakers-13-secdir-lc-nystrom-2016-03-10
Reviewed rev. 13 (document currently at 18)
Review result Ready
Review completed: 2016-03-10


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This memo describes a set of RTP "circuit-breakers."  In this context,
circuit-breakers are conditions under which an RTP sender "needs to
stop transmitting media data in order to protect the network from
excessive congestion." As such, the possibility for DOS and similar
disruptions are possible in this context. However, the security
considerations sections seems adequate and refers to the core RTP,
RTCP documents for threat models and mitigations.

-- Magnus