Last Call Review of draft-ietf-dime-e2e-sec-req-04
review-ietf-dime-e2e-sec-req-04-genart-lc-holmberg-2016-05-07-00

Request Review of draft-ietf-dime-e2e-sec-req
Requested revision No specific revision (document currently at 05)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2016-05-12
Requested 2016-05-06
Authors Hannes Tschofenig, Jouni Korhonen, Glen Zorn, Kervin Pillay
I-D last updated 2016-05-07
Completed reviews Genart Last Call review of -04 by Christer Holmberg (diff)
Secdir Last Call review of -04 by Radia Perlman (diff)
Opsdir Last Call review of -04 by Qin Wu (diff)
Assignment Reviewer Christer Holmberg
State Completed
Request Last Call review on draft-ietf-dime-e2e-sec-req by General Area Review Team (Gen-ART) Assigned
Reviewed revision 04 (document currently at 05)
Result Ready w/nits
Completed 2016-05-07



I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART,
please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>



Document: draft-ietf-dime-e2e-sec-req-04

Reviewer: Christer Holmberg

Review Date: 7 May 2016

IETF LC End Date: 12 April 2016

IETF Telechat Date: N/A

Summary:



The document is well written, and almost ready for publication as informational
RFC. However, I have a few editorial issues, related to the Introduction, that I
ask the authors to address.

Major Issues:



None

Minor Issues:



None

Editorial Issues:



Q_ABSTRACT_1:



The text says that the draft “discusses” requirements. In my opinion it should
say “defines” or “specifies”.





Q_INTRODUCTION_1:



Please add references for TLS (for TCP) and DTLS (for SCTP).





Q_INTRODUCTION_2:



The text says: “…or alternative security mechanisms independent of Diameter
(e.g., IPsec) is used.”



2A: I guess it should be “are used”?



2B: I am not sure I understand what “independent of Diameter” means.





Q_INTRODUCTION_3:



The text talks about security between non-neighbour nodes, while the draft name
includes “e2e”. However, when reading Section 4, non-neighbour does not
necessarily mean end-to-end. I think it would be good to explicitly clarify
that in the Introduction.





Q_INTRODUCTION_4:



The text says: “This document collects requirements for developing a solution
to protect Diameter AVPs.”



2A: It needs to be clear that it’s about protecting AVPs between non-neighbour
nodes.



2B: Instead of “collect”, please use the same terminology as in the Abstract.





Q_INTRODUCTION_5:



Please enhance AVP on first occurrence. Currently it’s not done until
Section 3.