Last Call Review of draft-ietf-fecframe-simple-rs-
review-ietf-fecframe-simple-rs-secdir-lc-hutzelman-2012-12-20-00

Request Review of draft-ietf-fecframe-simple-rs
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-12-18
Requested 2012-10-11
Draft last updated 2012-12-20
Completed reviews Genart Last Call review of -?? by Miguel García
Genart Telechat review of -05 by Miguel García (diff)
Secdir Last Call review of -?? by Jeffrey Hutzelman
Assignment Reviewer Jeffrey Hutzelman
State Completed
Review review-ietf-fecframe-simple-rs-secdir-lc-hutzelman-2012-12-20
Review result Ready
Review completed: 2012-12-20

Review
review-ietf-fecframe-simple-rs-secdir-lc-hutzelman-2012-12-20

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This document defines a forward error correction scheme for use with the
FECFRAME framework, based on Reed-Solomon codes over finite fields of
order 2^m.  However, this is mostly a protocol document; the actual FEC
code is defined in RFC5510.

In discussing security considerations, this document relies heavily on
the security discussion in the already-published FEC framework document
(RFC6363).  It also contains a reasonably complete discussion of issues
that can arise if an attacker can modify the encoding parameters.  These
generally amount to resource exhaustion if a receiver accepts an overly
large parameter, or denial of service as a result of a receiver being
unable to recover data due to misinterpretation of the code.


I found that this document, especially the introduction, did not read
very smoothly.  However, the technical content was entirely
understandable, despite my abstract algebra being a bit rusty.


-- Jeff