Last Call Review of draft-ietf-cdni-requirements-12
review-ietf-cdni-requirements-12-secdir-lc-emery-2013-12-05-00

Request Review of draft-ietf-cdni-requirements
Requested revision No specific revision (document currently at 17)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-12-03
Requested 2013-11-07
Authors Kent Leung , Yiu Lee
I-D last updated 2013-12-05
Completed reviews Genart Last Call review of -12 by Christer Holmberg (diff)
Genart Last Call review of -13 by Christer Holmberg (diff)
Secdir Last Call review of -12 by Shawn M Emery (diff)
Opsdir Last Call review of -12 by Carlos Pignataro (diff)
Assignment Reviewer Shawn M Emery
State Completed
Request Last Call review on draft-ietf-cdni-requirements by Security Area Directorate Assigned
Reviewed revision 12 (document currently at 17)
Result Ready
Completed 2013-12-05
review-ietf-cdni-requirements-12-secdir-lc-emery-2013-12-05-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This informational internet-draft describes the requirements to integrate
multiple Content Delivery Networks (CDNs) for Content Service Providers (CSPs)
so that end users have a single point of access for content.

The security considerations section does exist and refers to a separate section
for the discussion on security requirements.  This section gives requirements
priorities from high to low on the various types of attacks.  The high level
priorities are for authentication, confidentiality, integrity protection,
protection against replay, spoofing, and DoS attacks.  Since it is a requirements
specification there is purposefully no discussion on how to mitigate against such
attacks.

General comments:

None.

Editorial comments:

None.

Shawn.
--