Last Call Review of draft-camarillo-rai-media-policy-dataset-
review-camarillo-rai-media-policy-dataset-secdir-lc-sheffer-2012-06-19-00
| Request | Review of | draft-camarillo-rai-media-policy-dataset |
|---|---|---|
| Requested revision | No specific revision (document currently at 04) | |
| Type | IETF Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2012-06-11 | |
| Requested | 2012-05-18 | |
| Authors | Volker Hilt, Gonzalo Camarillo, Jonathan Rosenberg, Dale R. Worley | |
| I-D last updated | 2015-10-14 (Latest revision 2012-09-25) | |
| Completed reviews | Secdir IETF Last Call review of -?? by Yaron Sheffer; Secdir Telechat review of -?? by Yaron Sheffer | |
| Assignment | Reviewer | Yaron Sheffer |
| State | Completed | |
| Request | IETF Last Call review on draft-camarillo-rai-media-policy-dataset by Security Area Directorate Assigned | |
| Result | Ready | |
| Completed | 2012-06-19 |
review-camarillo-rai-media-policy-dataset-secdir-lc-sheffer-2012-06-19-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.
Summary
Nothing much here - this is not where the security action is. However, a
companion document may need some deeper security review.
Details
This draft defines the contents/format of a media document. The document
allows a SIP policy server to dictate the media policy that should be
implemented by a UA, in general or on a per-session basis.
• The draft requires that all documents be well-formed and valid XML,
which is good - not only for security.
• The real security stuff is in draft-ietf-sipping-policy-package-08. I
will not review that document here, but I find it puzzling that session
(media) information is transmitted/secured along with session encryption
keys. Mixing together data of such disparate security sensitivity levels
is likely to result in either over-engineering or under-security.
• Reading further down the said security considerations, this issue is
addressed ("the user agent should not insert" etc.), but none of that
discussion is normative!
• Moreover, recent discussion on SAAG
(http://www.ietf.org/mail-archive/web/saag/current/msg03695.html)
suggests that some of the security solutions mandated by the Policy
Package draft as well as the current draft are, to put it mildly, not
widely implemented.
• Back to the current document. Re: XML security considerations, please
reference the security considerations of RFC 3470, and possibly also:
Marsh, J., Orchard, D., and D. Veillard, "XML Inclusions (XInclude)
Version 1.0 (Second Edition)", World Wide Web Consortium Recommendation
REC-xinclude-20061115, November 2006,
<http://www.w3.org/TR/2006/REC-xinclude-20061115>.
Thanks,
Yaron