Last Call Review of draft-ietf-mmusic-rfc3388bis-
review-ietf-mmusic-rfc3388bis-secdir-lc-kivinen-2009-10-08-00

Request: Review of draft-ietf-mmusic-rfc3388bis
Requested rev.: no specific revision (document currently at 04)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2009-10-14
Requested: 2009-09-30
Authors: Henning Schulzrinne, Gonzalo Camarillo
Draft last updated: 2009-10-08
Completed reviews: Secdir Last Call review of -?? by Tero Kivinen
Assignment: Reviewer Tero Kivinen
State: Completed
Review: review-ietf-mmusic-rfc3388bis-secdir-lc-kivinen-2009-10-08
Review completed: 2009-10-08

Review
review-ietf-mmusic-rfc3388bis-secdir-lc-kivinen-2009-10-08

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This document revises rfc3388 and the changes seem quite small:
----------------------------------------------------------------------
10.  Changes from RFC 3388

   The grouping mechanism is now defined as an extendible framework.
   Earlier, [RFC3388] used to discourage extensions to this mechanism in
   favor of using new session description protocols.

   Given a semantics value, [RFC3388] used to restrict "m" line
   identifiers to only appear in a single group using that semantics.
   That restriction has been lifted.  From conversations with
   implementers, it seems that the lifting of this restriction is
   unlikely to cause backwards compatibility problems.
----------------------------------------------------------------------

I do not see that those changes would introduce any new security
considerations that the current Security Considerations section does
not already cover. Of course, as this is now an extendible framework,
new semantics might change this situation in the future.

The current Security Considerations section does already include a note
that, using FID semantics, an attacker who is able to modify group
parameters can send a copy of the media to other destinations, but it
also points out that integrity mechanisms can be used to prevent this
attack and that in "SIP S/MIME and TLS can be used to protect session
description exchanges in an end-to-end and a hop-by-hop fashion
respectively."
-- 
kivinen at iki.fi
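As an added example (not part of the review, the draft, or the datatracker page), the following Python checks a session description against the two rules the quoted "Changes from RFC 3388" section contrasts: every identifier in an a=group line must name an a=mid of the same description, and under RFC 3388 an identifier could appear in only one group per semantics value, a restriction rfc3388bis lifts. The sample session description is constructed for this demonstration.

```python
"""Added example: validate SDP "a=group" lines under the RFC 3388 rule and
under the relaxed rfc3388bis rule. Not code from the draft or the review."""
from typing import Dict, List, Tuple

# Constructed sample (not from the page). Mid "1" is a member of two FID
# groups, which RFC 3388 forbade and rfc3388bis permits.
SAMPLE_SDP = """v=0
o=alice 2890844526 2890844526 IN IP4 192.0.2.1
s=-
c=IN IP4 192.0.2.1
t=0 0
a=group:FID 1 2
a=group:FID 1 3
a=group:LS 1 2
m=audio 30000 RTP/AVP 0
a=mid:1
m=audio 30002 RTP/AVP 0
a=mid:2
m=video 30004 RTP/AVP 31
a=mid:3
"""


def parse_groups(sdp: str) -> Tuple[List[Tuple[str, List[str]]], List[str]]:
    """Return (groups, mids): groups as (semantics, [identifiers]),
    mids in the order of their "m" lines."""
    groups: List[Tuple[str, List[str]]] = []
    mids: List[str] = []
    for line in sdp.splitlines():
        if line.startswith("a=group:"):
            parts = line[len("a=group:"):].split()
            if parts:  # first token is the semantics value, rest are identifiers
                groups.append((parts[0], parts[1:]))
        elif line.startswith("a=mid:"):
            mids.append(line[len("a=mid:"):].strip())
    return groups, mids


def validate(sdp: str, allow_multiple: bool = True) -> List[str]:
    """Return a list of problems found. allow_multiple=False applies the
    RFC 3388 one-group-per-semantics restriction; True applies rfc3388bis.
    Note: this catches malformed or inconsistent descriptions only; an
    attacker who rewrites a=group lines consistently passes these checks,
    which is why the draft's Security Considerations rely on integrity
    protection (S/MIME, TLS) of the session description itself."""
    groups, mids = parse_groups(sdp)
    problems: List[str] = []
    seen: Dict[Tuple[str, str], int] = {}
    for semantics, ids in groups:
        for ident in ids:
            if ident not in mids:
                problems.append(f"{semantics}: unknown mid {ident}")
            key = (semantics, ident)
            seen[key] = seen.get(key, 0) + 1
            if not allow_multiple and seen[key] == 2:
                problems.append(f"{semantics}: mid {ident} in more than one group")
    return problems
```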