Last Call Review of draft-ietf-avtcore-clksrc-09
review-ietf-avtcore-clksrc-09-secdir-lc-atkins-2014-01-23-00

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

   NTP format timestamps are used by several RTP protocols for
   synchronisation and statistical measurements.  This memo specifies
   SDP signalling identifying timestamp reference clock sources and SDP
   signalling identifying the media clock sources in a multimedia
   session.

I see no security concerns with this document.  I believe the security
considerations section explains the ramifications of trusting
unverified clock sources.

Note, there is a typo in the Security Considerations section:

                            Enough devices fraudulently assigned to
   a specific clock source (e.g. a particular IEEE 1588 grandmaster)
   may, however, constitute a successful a denial of service attack on
   that source.

I think this should read "...constitute a successful denial..."  (the
extra "a" between "successful" and "denial" should be removed).

-derek

-- 
       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant