Last Call Review of draft-ietf-insipid-logme-reqs-11
review-ietf-insipid-logme-reqs-11-opsdir-lc-romascanu-2017-01-12-00

I have reviewed this document as part of the Operational directorate's
ongoing effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving the operational aspects of
the IETF drafts. Comments that are not addressed in last call may be included
in AD reviews during the IESG review.  Document editors and WG chairs should
treat these comments just like any other last call comments.

   This informational document describes requirements for adding an indicator
   to the SIP protocol data unit (PDU, or a SIP message) that marks the PDU as
   a candidate for logging.  Such marking will typically be applied as part of
   network testing controlled by the network operator and not used in regular
   client signaling.  However, such marking can be carried end-to-end including
   the SIP terminals, even if a session originates and terminates in different
   networks.

It's a short, focused and well-written document. It is interesting for the
operators of networks that use SIP, as this indicator can be used to trigger
testing or debugging in the networks that they operate. It seems that different
implications on security and network behavior were considered, although some of
them are not explicitly mentioned - such as the potential overload or DoS
attacks in case of mis-configuration or malicious configuration of a big number
of terminals in a SIP network leading to simultaneous activation of debug
modes. It may be good to explicitly mentions these, but otherwise this document
is READY from an OPS-DIR perspective.