Last Call Review of draft-ietf-dime-e2e-sec-req-04
review-ietf-dime-e2e-sec-req-04-genart-lc-holmberg-2016-05-07-00
Request | Review of | draft-ietf-dime-e2e-sec-req |
---|---|---|
Requested revision | No specific revision (document currently at 05) | |
Type | Last Call Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2016-05-12 | |
Requested | 2016-05-06 | |
Authors | Hannes Tschofenig, Jouni Korhonen, Glen Zorn, Kervin Pillay | |
I-D last updated | 2016-05-07 | |
Completed reviews | Genart Last Call review of -04 by Christer Holmberg; Secdir Last Call review of -04 by Radia Perlman; Opsdir Last Call review of -04 by Qin Wu | |
Assignment | Reviewer | Christer Holmberg |
State | Completed | |
Request | Last Call review on draft-ietf-dime-e2e-sec-req by General Area Review Team (Gen-ART) Assigned | |
Reviewed revision | 04 (document currently at 05) | |
Result | Ready w/nits | |
Completed | 2016-05-07 |
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>

Document: draft-ietf-dime-e2e-sec-req-04
Reviewer: Christer Holmberg
Review Date: 7 May 2016
IETF LC End Date: 12 April 2016
IETF Telechat Date: N/A

Summary: The document is well written, and almost ready for publication as informational RFC. However, I have a few editorial issues, related to the Introduction, that I ask the authors to address.

Major Issues: None

Minor Issues: None

Editorial Issues:

Q_ABSTRACT_1:

The text says that the draft “discusses” requirements. In my opinion it should say “defines” or “specifies”.

Q_INTRODUCTION_1:

Please add references for TLS (for TCP) and DTLS (for SCTP).

Q_INTRODUCTION_2:

The text says: “…or alternative security mechanisms independent of Diameter (e.g., IPsec) is used.”

2A: I guess it should be “are used”?

2B: I am not sure I understand what “independent of Diameter” means.

Q_INTRODUCTION_3:

The text talks about security between non-neighbour nodes, while the draft name includes “e2e”. However, when reading Section 4, non-neighbour does not necessarily mean end-to-end. I think it would be good to explicitly clarify that in the Introduction.

Q_INTRODUCTION_4:

The text says: “This document collects requirements for developing a solution to protect Diameter AVPs.”

2A: It needs to be clear that it’s about protecting AVPs between non-neighbour nodes.

2B: Instead of “collect”, please use the same terminology as in the Abstract.

Q_INTRODUCTION_5:

Please enhance AVP on first occurrence. Currently it’s not done until Section 3.