Skip to main content

Last Call Review of draft-ietf-avt-rapid-rtp-sync-
review-ietf-avt-rapid-rtp-sync-secdir-lc-hoffman-2010-06-03-00

Request Review of draft-ietf-avt-rapid-rtp-sync
Requested revision No specific revision (document currently at 13)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-06-01
Requested 2010-05-14
Authors Colin Perkins , Thomas Schierl
I-D last updated 2010-06-03
Completed reviews Secdir Last Call review of -?? by Paul E. Hoffman
Assignment Reviewer Paul E. Hoffman
State Completed
Request Last Call review on draft-ietf-avt-rapid-rtp-sync by Security Area Directorate Assigned
Completed 2010-06-03
review-ietf-avt-rapid-rtp-sync-secdir-lc-hoffman-2010-06-03-00
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. 
Document editors and WG chairs should treat these comments just like any other
comments.

The extensions described in this document probably do not cause any security
problems for the Internet. As the security considerations section says, the
security of these extensions inherit most of the security considerations of RTP.

From my admittedly naive reading, it seems that an attacker could use one or
more of these extensions to amplify a denial-of-service attack by causing nodes
to try to synch when they can't; if so, that might be added to the security
considerations section. However, this is a trivial point even if true, and the
document is fine as-is.

--Paul Hoffman, Director
--VPN Consortium