Last Call Review of draft-ietf-mmusic-msid-13
review-ietf-mmusic-msid-13-secdir-lc-shekh-yusef-2016-05-19-00

Request Review of draft-ietf-mmusic-msid
Requested rev. no specific revision (document currently at 17)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2016-05-24
Requested 2016-05-12
Authors Harald Alvestrand
Draft last updated 2016-05-19
Completed reviews Genart Last Call review of -13 by Matthew Miller (diff)
Secdir Last Call review of -13 by Rifaat Shekh-Yusef (diff)
Opsdir Last Call review of -13 by Susan Hares (diff)
Assignment Reviewer Rifaat Shekh-Yusef
State Completed
Review review-ietf-mmusic-msid-13-secdir-lc-shekh-yusef-2016-05-19
Reviewed rev. 13 (document currently at 17)
Review result Ready
Review completed: 2016-05-19

Review
review-ietf-mmusic-msid-13-secdir-lc-shekh-yusef-2016-05-19

Re-sending because the original message bounced back (complaining about 

draft-ietf-mmusic-msid-13.all at ietf.org

 email).

Regards,

 Rifaat

---------- Forwarded message ----------

From: 

Rifaat Shekh-Yusef

 

<

rifaat.ietf at gmail.com

>

Date: Fri, May 13, 2016 at 10:38 AM

Subject: [secdir] SecDir review of draft-ietf-mmusic-msid-13

To: The IESG <

iesg at ietf.org

>, 

secdir at ietf.org

, 

draft-ietf-mmusic-msid-13.all at ietf.org

I have reviewed this document as part of the security directorate's

ongoing effort to review all IETF documents being processed by the

IESG.  These comments were written primarily for the benefit of the

security area directors.  Document editors and WG chairs should treat

these comments just like any other last call comments.

Summary: 

Ready

This is a Standard Track document that defines an RTP media streams

grouping mechanism in SDP.

The Security Consideration section clearly describes the potential attacks 

introduced by this new mechanism, and points out the general issue of SDP 

modification by untrusted entities, and potential issue with the buffering 

required by mechanism suggested by the draft.

Regards,

 Rifaat