
Last Call Review of draft-holmberg-dispatch-received-realm-12
review-holmberg-dispatch-received-realm-12-secdir-lc-hallam-baker-2016-12-07-00

Request Review of draft-holmberg-dispatch-received-realm
Requested revision No specific revision (document currently at 12)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2016-11-23
Requested 2016-10-27
Authors Christer Holmberg, Yi Jiang
I-D last updated 2016-12-07
Completed reviews Genart Last Call review of -08 by Francis Dupont
Genart Telechat review of -10 by Francis Dupont
Secdir Last Call review of -12 by Phillip Hallam-Baker
Assignment Reviewer Phillip Hallam-Baker
State Completed
Request Last Call review on draft-holmberg-dispatch-received-realm by Security Area Directorate Assigned
Reviewed revision 12
Result Has issues
Completed 2016-12-07
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

Summary: Needs some additional explanation

The basic mechanisms look fine. What I am less happy with are the security
considerations.

The security challenge in SIP is trying to introduce security into a legacy
infrastructure that has none. As such, there is inevitably an element of
attempting to nail jello to a wall: the nails are strong enough but the jello
is not. I think there needs to be more discussion of the potential shortcomings
of the input data.

The other issue I had was with the requirements for administration of keys.
There is a MUST here: "The operator MUST change the key on a frequent basis."

What is the security concern driving this requirement? Changing keys has
security costs as well as benefits. It is not something that should be done for
the sake of it.