Skip to main content

Last Call Review of draft-ietf-bfcpbis-sdp-ws-uri-07

Request Review of draft-ietf-bfcpbis-sdp-ws-uri
Requested revision No specific revision (document currently at 09)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-01-12
Requested 2016-12-22
Authors Ram R , Gonzalo Salgueiro
I-D last updated 2017-01-05
Completed reviews Genart Last Call review of -07 by Joel M. Halpern (diff)
Secdir Last Call review of -07 by Paul E. Hoffman (diff)
Assignment Reviewer Paul E. Hoffman
State Completed Snapshot
Review review-ietf-bfcpbis-sdp-ws-uri-07-secdir-lc-hoffman-2017-01-05
Reviewed revision 07 (document currently at 09)
Result Ready
Completed 2017-01-05
This document specifies extensions to SDP that can be used by 
application protocols (most likely SIP endpoints) that rely on WebSocket 
as a transport. For this, they need a URI that will appear in an SDP 

The Security Considerations section of the document adequately covers 
the problems with creating this SDP attribute to carry the URI, namely 
that SDP can be run either with or without authentication in the message 
and transport. The security considerations say that the entities SHOULD 
use S/MIME and TLS for these; this common-sense suggestions apply to all 
use of SDP, and is no more important here than for other uses of SDP.

--Paul Hoffman