Last Call Review of draft-ietf-dime-priority-avps-

Request Review of draft-ietf-dime-priority-avps
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-07-20
Requested 2011-07-09
Authors Ken Carlberg, Tom Taylor
Draft last updated 2011-08-01
Completed reviews Genart Telechat review of -?? by Joel Halpern
Genart Telechat review of -?? by Joel Halpern
Secdir Last Call review of -?? by Steve Hanna
Secdir Telechat review of -?? by Steve Hanna
Assignment Reviewer Steve Hanna 
State Completed
Review review-ietf-dime-priority-avps-secdir-lc-hanna-2011-08-01
Review completed: 2011-08-01


I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This standards track document defines Diameter AVPs that can be
used to convey a variety of priority parameters. While the Security
Considerations section of this document properly requires that
implementers review the Security Considerations section in the
Diameter protocol specification and consider the issues described
there, it does not include any analysis of the specific security
issues related to priority systems. The authors should review other
Security Considerations sections relating to priority systems
(e.g. the one in RFC 4412) and add text that describes the
special security issues that arise with priority systems and
the countermeasures that may be employed.