Last Call Review of draft-ietf-avtcore-clksrc-09
review-ietf-avtcore-clksrc-09-secdir-lc-atkins-2014-01-23-00

Request Review of draft-ietf-avtcore-clksrc
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-01-16
Requested 2014-01-09
Draft last updated 2014-01-23
Completed reviews Genart Last Call review of -09 by Scott Brim (diff)
Genart Last Call review of -09 by Scott Brim (diff)
Secdir Last Call review of -09 by Derek Atkins (diff)
Assignment Reviewer Derek Atkins
State Completed
Review review-ietf-avtcore-clksrc-09-secdir-lc-atkins-2014-01-23
Reviewed rev. 09 (document currently at 11)
Review result Has Nits
Review completed: 2014-01-23

Review
review-ietf-avtcore-clksrc-09-secdir-lc-atkins-2014-01-23

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

   NTP format timestamps are used by several RTP protocols for
   synchronisation and statistical measurements.  This memo specifies
   SDP signalling identifying timestamp reference clock sources and SDP
   signalling identifying the media clock sources in a multimedia
   session.

I see no security concerns with this document.  I believe the security
considerations section explains the ramifications of trusting
unverified clock sources.

Note, there is a typo in the Security Considerations section:

                            Enough devices fraudulently assigned to
   a specific clock source (e.g. a particular IEEE 1588 grandmaster)
   may, however, constitute a successful a denial of service attack on
   that source.

I think this should read "...constitute a successful denial..."  (the
extra "a" between "successful" and "denial" should be removed).

-derek

-- 
       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant