Last Call Review of draft-stone-mgcp-vbd-
review-stone-mgcp-vbd-secdir-lc-wallace-2010-06-24-00

Request Review of draft-stone-mgcp-vbd
Requested rev. no specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-07-09
Requested 2010-06-11
Draft last updated 2010-06-24
Completed reviews Secdir Last Call review of -?? by Carl Wallace
Secdir Telechat review of -?? by Carl Wallace
Assignment Reviewer Carl Wallace
State Completed
Review review-stone-mgcp-vbd-secdir-lc-wallace-2010-06-24
Review completed: 2010-06-24

Review
review-stone-mgcp-vbd-secdir-lc-wallace-2010-06-24

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This document defines new MGCP packages.  This document is pretty far
outside my sandbox, but I did have a couple of questions and comments.

- Why is this an Informational document instead of Standards track?  It
seems to be defining new packages that are not already defined
elsewhere.
- I struggled with the presentation a bit and found myself reading
references to understand some of the shorthand in this document.  For
example, in section 3.1 the column headers are not described in this
draft. 
- The security considerations section is brief and primarily references
RFC 3435, which essentially has two security considerations: use IPSec
and use SDP encryption keys.  The latter is not recommended in the
current SDP draft.  This section should directly state the security
considerations it wants to assert.