Adobe's Secure Real-Time Media Flow Protocol
draft-thornburgh-adobe-rtmfp-10
Yes
(Martin Stiemerling)
No Objection
(Barry Leiba)
(Jari Arkko)
(Ted Lemon)
Abstain
(Joel Jaeggli)
Note: This ballot was opened for revision 07 and is now closed.
Martin Stiemerling Former IESG member
Yes
Yes
(for -07)
Unknown
Spencer Dawkins Former IESG member
Yes
Yes
(2013-06-25 for -07)
Unknown
I'm a Yes, because anytime we can document protocols with significant deployment, that's helpful for network operators.
Barry Leiba Former IESG member
No Objection
No Objection
(for -07)
Unknown
Gonzalo Camarillo Former IESG member
No Objection
No Objection
(2013-06-27 for -08)
Unknown
Being more explicit (e.g., in the Introduction) about why this is being published would have been useful. Proprietary protocols can be documented for a number of reasons: historical reasons, to enable new implementations to be compatible with legacy ones, to get new implementations to use this protocol instead of a standard one, etc. Which one applies here?
Jari Arkko Former IESG member
(was Discuss)
No Objection
No Objection
(for -09)
Unknown
Stephen Farrell Former IESG member
(was Discuss)
No Objection
No Objection
(2013-07-11)
Unknown
Thanks for handling my discuss. I didn't check if these coments were addressed or not. Feel free to chat about 'em, but since they're non-blocking you don't have to:-) - 1.1: Saying the security is "always on" seems wrong when that's not specified here. The first three security bullets should be rewritten to say that the security bits are currently missing. (Or move those to the putative section I suggested adding.) - 2.1.2: Interesting that your VLU's are the same as DTNRG's SDNVs. [RFC6256] I'm not suggesting a change just interested that they're the same. - 2.2.3: I think you should also re-iterate here that there is no "Cryptography Profile" currently publicly specified. - 2.3.6: I didn't get why or when its ok to replace a cookie that was incorrect? Seems like a bad thing to be doing. (And what hash function do you mean?) - 2.3.7: initiatorCertificate: what certificate format do you mean? RC5280 or something else? And do you mean just one cert or a chain? - 3.5: If you add the security bits, don't you need some more state for certificate status checking, e.g. to do OCSP?
Stewart Bryant Former IESG member
No Objection
No Objection
(2013-06-25 for -07)
Unknown
Whilst I agree with Spencer on the utility of the protocol, the Abstract and the introduction needs to make it clear that this is a proprietary protocol, and not a protocol endorsed by the IETF. Whilst in this particular case this may be obvious, we need to hold all vendors to the same standard.
Ted Lemon Former IESG member
No Objection
No Objection
(for -08)
Unknown
Brian Haberman Former IESG member
Abstain
Abstain
(2013-07-02 for -09)
Unknown
I agree with Pete's points. The ISE is the proper place to publish these types of documents since the IETF will not have change control over the protocol. I strongly support publishing this document, but feel it should be done via the ISE since it is not a consensus-based document. Given that, I will simply abstain.
Joel Jaeggli Former IESG member
Abstain
Abstain
(for -09)
Unknown
Pete Resnick Former IESG member
(was Discuss, Abstain)
Abstain
Abstain
(2013-07-11)
Unknown
I believe this document obviously belongs with the ISE instead of as an individual submission via AD, but I have no intention to stand in the way of its publication. I have reviewed this strictly as if I were doing a conflict review, and I find no conflict between this and IETF work. But because I do think it belongs with the ISE, I simply Abstain.
Richard Barnes Former IESG member
Abstain
Abstain
(2013-07-08 for -09)
Unknown
I agree with Pete and others that this should be handled by the ISE. At the very least, publishing this document in the IETF stream seems to contradict its own statement that it is "not the product of an IETF activity".