Last Call Review of draft-ietf-avtcore-6222bis-03
review-ietf-avtcore-6222bis-03-secdir-lc-nystrom-2013-06-13-00

Request Review of draft-ietf-avtcore-6222bis
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-06-11
Requested 2013-05-30
Draft last updated 2013-06-13
Completed reviews Genart Last Call review of -03 by Christer Holmberg
Secdir Last Call review of -03 by Magnus Nystrom
Assignment Reviewer Magnus Nystrom
State Completed
Review review-ietf-avtcore-6222bis-03-secdir-lc-nystrom-2013-06-13
Reviewed rev. 03 (document currently at 06)
Review result Has Nits
Review completed: 2013-06-13

Review

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.


This avtcore document describes a new method for generating unique RTCP canonical names and obsoletes RFC 6222.


The Security Considerations section seems adequate to me.

(A few side comments: 

- RFC 6222 is mentioned in several places (e.g., Section 1, Section 8). Should it not also be a reference?

- In Section 4.2, it is stated that, if the RTP endpoint is in a virtualized environment, then the MAC address may not be unique. In such cases, the host shall use the other presented option for short-term persistent RTP CNAMEs. I wonder if it is in general possible for an RTCP endpoint to deterministically determine if its MAC address is unique? It is not in general possible for a process to detect if it is running in a virtualized OS.)




Thanks,

-- Magnus