Last Call Review of draft-ietf-fecframe-dvb-al-fec-
review-ietf-fecframe-dvb-al-fec-secdir-lc-kelly-2010-01-09-00

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

This document describes implementation of a forward error correction protocol
over RTP using already-defined protocol elements. The protocol was originally
defined by an ETSI group.

The security considerations section says, "This specification adds no new
security considerations to the DVB-IPTV AL-FEC protocol", which I take to mean
that the authors see no way in which the proposed approach changes the security
properties of the original ETSI specification. Since the protocol doesn't seem
to implement any security features, I guess this is probably correct. Still, it
might be better to add some additional commentary such as what is found in the
security considerations section of
draft-ietf-fecframe-interleaved-fec-scheme-07.txt (or, perhaps point to that
and the framework doc).

Lacking much necessary background in this area, I don't feel qualified to fully
evaluate this document. With that deficiency noted, the only possible red flag
I saw is that the FEC protocol requires that the SSRC fields of the FEC frames
be set to 0, while SRTP requires unique SSRC values for security reasons. With
my very limited background, I can't be sure if there is an important security
interaction here or not, but it seems worth asking about.

--Scott