Last Call Review of draft-holmberg-dispatch-mcptt-rp-namespace-03

Request Review of draft-holmberg-dispatch-mcptt-rp-namespace
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-01-09
Requested 2016-12-12
Authors Christer Holmberg, J├Ârgen Axell
Draft last updated 2017-01-12
Completed reviews Secdir Last Call review of -03 by Melinda Shore (diff)
Genart Last Call review of -03 by Fernando Gont (diff)
Assignment Reviewer Melinda Shore 
State Completed
Review review-holmberg-dispatch-mcptt-rp-namespace-03-secdir-lc-shore-2017-01-12
Reviewed rev. 03 (document currently at 05)
Review result Has Issues
Review completed: 2017-01-12


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Summary: Ready, with issues

This draft defines an additional Session Initiation Protocol (SIP)
Resource-Priority namespace to meet the requirements of the 3GPP
defined Mission Critical Push To Talk, and places this namespace in
the IANA registry.  The "Security Considerations" section is brief,
stating only "[t]his document has the same Security Considerations as
[RFC4412]."  I think that is actually not the case, as the security
considerations for a namespace registry are not the same as the
security considerations for the protocol in which the namespace is
being used.  It would probably be more correct to follow the model in,
say, RFC 6878 ("SIP Priority Field Registry") and say only "This
document does not have any impact on the security of the SIP MCPTT
protocol.  Its purpose is purely administrative in nature."

Otherwise, all's well.