Last Call Review of draft-ietf-insipid-logme-reqs-11
review-ietf-insipid-logme-reqs-11-opsdir-lc-romascanu-2017-01-12-00

Request Review of draft-ietf-insipid-logme-reqs
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2017-01-13
Requested 2016-12-21
Authors Peter Dawes, Chidambaram Arunachalam
Draft last updated 2017-01-12
Completed reviews Secdir Last Call review of -11 by Sean Turner (diff)
Genart Last Call review of -11 by Stewart Bryant (diff)
Opsdir Last Call review of -11 by Dan Romascanu (diff)
Genart Telechat review of -12 by Stewart Bryant
Assignment Reviewer Dan Romascanu 
State Completed
Review review-ietf-insipid-logme-reqs-11-opsdir-lc-romascanu-2017-01-12
Reviewed rev. 11 (document currently at 12)
Review result Ready
Review completed: 2017-01-12

Review
review-ietf-insipid-logme-reqs-11-opsdir-lc-romascanu-2017-01-12

I have reviewed this document as part of the Operational directorate's 
ongoing effort to review all IETF documents being processed by the IESG.  These 
comments were written with the intent of improving the operational aspects of the 
IETF drafts. Comments that are not addressed in last call may be included in AD reviews 
during the IESG review.  Document editors and WG chairs should treat these comments 
just like any other last call comments. 

   This informational document describes requirements for adding an indicator to the SIP
   protocol data unit (PDU, or a SIP message) that marks the PDU as a
   candidate for logging.  Such marking will typically be applied as
   part of network testing controlled by the network operator and not
   used in regular client signaling.  However, such marking can be
   carried end-to-end including the SIP terminals, even if a session
   originates and terminates in different networks.

It's a short, focused and well-written document. It is interesting for the operators of networks that use SIP, as this indicator can be used to trigger testing or debugging in the networks that they operate. It seems that different implications on security and network behavior were considered, although some of them are not explicitly mentioned - such as the potential overload or DoS attacks in case of mis-configuration or malicious configuration of a big number of terminals in a SIP network leading to simultaneous activation of debug modes. It may be good to explicitly mentions these, but otherwise this document is READY from an OPS-DIR perspective.